CVE-2025-25187 | laurent22 joplin up to 3.1.23 Content-Security-Policy cross site scripting (GHSA-9gfv-q6wj-fr3c)

Inserito da Angelo Barbosa | Feb 8, 2025 | CVE

A vulnerability, which was classified as problematic, has been found in laurent22 joplin up to 3.1.23. This issue affects some unknown processing of the component Content-Security-Policy. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2025-25187. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-25187 | laurent22 joplin up to 3.1.23 Content-Security-Policy cross site scripting (GHSA-9gfv-q6wj-fr3c)

Post correlati

VDB-273288 | Google Cloud Shell ssh.cloud.google.com redirect

CVE-2024-2274 | Bdtask G-Prescription Gynaecology & OBS Consultation Software Prescription Dashboard /Home/Index cross site scripting

CVE-2024-7278 | itsourcecode Alton Management System 1.0 /admin/team_save.php team sql injection

CVE-2024-42185 | HCL BigFix Patch Management Download Plug-ins up to 1177 xml external entity reference (KB0118565)