Arbitrary Code Execution via Cross Site Scripting (XSS) Vulnerability in Joplin Desktop App

Arbitrary Code Execution via Cross Site Scripting (XSS) Vulnerability in Joplin Desktop App

CVE-2021-33295 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute aribrary code due to improper sanitizing of html.

Learn more about our Cis Benchmark Audit For Desktop Software.