Joplin Project Joplin vulnerabilities
22 known vulnerabilities affecting joplin_project/joplin.
Total CVEs
22
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
CRITICAL5HIGH3MEDIUM14
Vulnerabilities
Page 2 of 2
CVE-2021-33295P4MEDIUMCVSS 5.4fixed in 1.8.52022-06-16
CVE-2021-33295 [MEDIUM] CWE-79 CVE-2021-33295: Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to exec
Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute aribrary code due to improper sanitizing of html.
nvd
CVE-2024-55630P4MEDIUMCVSS 5.5fixed in 3.2.82025-02-07
CVE-2024-55630 [MEDIUM] CWE-20 CVE-2024-55630: Joplin is a free, open source note taking and to-do application, which can handle a large number of
Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Joplin's HTML sanitizer allows the `name` attribute to be specified. If `name` is set to the same value as an existing `document` property (e.g. `querySelector`), that property is replaced with the element. This vulnerabi
nvd
← Previous2 / 2