AI Score
Confidence
High
EPSS
Percentile
88.3%
zonote through 0.4.0 allows XSS via a crafted note, with resultant Remote Code Execution (because nodeIntegration in webPreferences is true).
github.com/hmartos/cve-2020-35717
github.com/zonetti/zonote
medium.com/bugbountywriteup/remote-code-execution-through-cross-site-scripting-in-electron-f3b891ad637
www.electronjs.org/apps/zonote