Vulnerabilities/

Cross-site Scripting in Joplin (GHSA-6r7x-hc8m-985r)

Severity:: Medium

Description

Joplin through 1.0.184 allows Arbitrary File Read via Cross-site Scripting (XSS).

Recommendation

Update the joplin package to the latest compatible version. Followings are version details:

Affected version(s): < 1.2.1
Patched version(s): 1.2.1

References

Related Issues

Tags:: npm; joplin

Anything's wrong? Let us know Last updated on February 01, 2023