CVE-2023-37898 | laurent22 joplin up to 2.12.8 MarkupToHtml.ts child_process cross site scripting (GHSA-hjmq-3qh4-g2r8)

Posted by Angelo Barbosa | Jun 21, 2024 | CVE

A vulnerability has been found in laurent22 joplin up to 2.12.8 and classified as problematic. Affected by this vulnerability is the function child_process of the file packages/renderer/MarkupToHtml.ts. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2023-37898. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-37898 | laurent22 joplin up to 2.12.8 MarkupToHtml.ts child_process cross site scripting (GHSA-hjmq-3qh4-g2r8)

Related Posts

CVE-2022-24403 | ETSI TETRA Standard TA61 Identity Tetraburst risky encryption

CVE-2023-39998 | Muffingroup Betheme Plugin up to 27.1.1 on WordPress authorization

CVE-2023-42881 | Apple macOS AppleVA Remote Code Execution (HT214036)

CVE-2023-32196 | Rancher External RoleTemplates privileges management