0.001 Low
EPSS
Percentile
35.4%
joplin is vulnerable to cross-site scripting (XSS) attacks. The library does not sanitize input when converting markdown files to html, allowing a malicious user to inject and execute arbitrary Javascript.
github.com/laurent22/joplin/issues/500