CVE-2021-37916

CVE-2021-37916

EPSS 0.7%

Joplin before 2.0.9 allows XSS via button and form in the note body.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/laurent22/joplin/commit/feaecf765368f2c273bea3a9fa641ff0da7e6b26 https://github.com/laurent22/joplin/releases/tag/v2.0.9