CVE-2021-33295

Description

Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute aribrary code due to improper sanitizing of html.

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

MEDIUM

ConfidentialityImpact

NONE

AvailabilityImpact

NONE

IntegrityImpact

PARTIAL

BaseScore

3.5

VectorString

AV:N/AC:M/Au:S/C:N/I:P/A:N

Version

2.0

AccessVector

NETWORK

Authentication

SINGLE