CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45673 – Arbitrary code execution on click of PDF links in Joplin
https://notcve.org/view.php?id=CVE-2023-45673
Joplin is a free, open source note taking and to-do application. A remote code execution (RCE) vulnerability in affected versions allows clicking on a link in a PDF in an untrusted note to execute arbitrary shell commands. Clicking links in PDFs allows for arbitrary code execution because Joplin desktop: 1. has not disabled top redirection for note viewer iframes, and 2. and has node integration enabled. This is a remote code execution vulnerability that impacts anyone who attaches untrusted PDFs to notes and has the icon enabled. This issue has been addressed in version 2.13.3. • https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe#sandbox https://github.com/laurent22/joplin/security/advisories/GHSA-g8qx-5vcm-3x59 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37298
https://notcve.org/view.php?id=CVE-2023-37298
Joplin before 2.11.5 allows XSS via a USE element in an SVG document. • https://github.com/laurent22/joplin/commit/caf66068bfc474bbfd505013076ed173cd90ca83 https://github.com/laurent22/joplin/releases/tag/v2.11.5 https://vuln.ryotak.net/advisories/69 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37299
https://notcve.org/view.php?id=CVE-2023-37299
Joplin before 2.11.5 allows XSS via an AREA element of an image map. • https://github.com/laurent22/joplin/commit/9e90d9016daf79b5414646a93fd369aedb035071 https://github.com/laurent22/joplin/releases/tag/v2.11.5 https://vuln.ryotak.net/advisories/68 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45598
https://notcve.org/view.php?id=CVE-2022-45598
Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows attacker to execute arbitrary code via improper santization. Una vulnerabilidad de cross site scripting en la aplicación de escritorio Joplin anterior a v2.9.17 permite a un atacante ejecutar código arbitrario mediante una sanitización inadecuada. • https://github.com/laurent22/joplin/commit/a2de167b95debad83a0f0c7925a88c0198db812e https://github.com/laurent22/joplin/releases/tag/v2.9.17 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-40277
https://notcve.org/view.php?id=CVE-2022-40277
Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin. This is possible because the application does not properly validate the schema/protocol of existing links in the markdown file before passing them to the 'shell.openExternal' function. Joplin versión 2.8.8, permite a un atacante externo ejecutar comandos arbitrarios de forma remota en cualquier cliente que abra un enlace en un archivo markdown malicioso, por medio de Joplin. Esto es posible porque la aplicación no comprueba apropiadamente el esquema/protocolo de los enlaces existentes en el archivo markdown antes de pasarlos a la función "shell.openExternal" • https://fluidattacks.com/advisories/skrillex https://github.com/laurent22/joplin • CWE-20: Improper Input Validation •