CVE-2023-37898 | laurent22 joplin up to 2.12.8 MarkupToHtml.ts child_process cross site scripting (GHSA-hjmq-3qh4-g2r8)

Inserito da Angelo Barbosa | Giu 21, 2024 | CVE

A vulnerability has been found in laurent22 joplin up to 2.12.8 and classified as problematic. Affected by this vulnerability is the function child_process of the file packages/renderer/MarkupToHtml.ts. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2023-37898. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-37898 | laurent22 joplin up to 2.12.8 MarkupToHtml.ts child_process cross site scripting (GHSA-hjmq-3qh4-g2r8)

Post correlati

CVE-2024-26942 | Linux Kernel up to 6.8.2/6.9-rc1 at803x at8031_probe denial of service (a8a296ad9957/6a4aee277740)

CVE-2024-7013 | Panasonic Control FPWIN Pro up to 7.7.2.0 Project File stack-based overflow

CVE-2024-42986 | Tenda FH1206 02.03.01.35 POST fromAdvSetWan PPPOEPassword denial of service

CVE-2024-21631 | Vapor up to 4.89.x vapor_urlparser_parse unmaintained third party components (GHSA-r6r4-5pr8-gjcp)