A vulnerability has been found in laurent22 joplin up to 2.12.8 and classified as problematic. Affected by this vulnerability is the function child_process of the file packages/renderer/MarkupToHtml.ts. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2023-37898. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.