Arbitrary Code Execution Vulnerability in Joplin Desktop 1.0.190 to 1.0.245 via Malicious HTML Embed Tag

Arbitrary Code Execution Vulnerability in Joplin Desktop 1.0.190 to 1.0.245 via Malicious HTML Embed Tag

CVE-2020-15930 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary code execution via a malicious HTML embed tag.

Learn more about our Cis Benchmark Audit For Desktop Software.