Joplin Core library
latest non vulnerable version
2 years ago
latest version published
3 months ago
- >=1.0.13 <2.6.3
Fix for free
Known vulnerabilities in the @joplin/lib package. This does not include vulnerabilities belonging to this package’s dependencies.Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
@joplin/lib is a joplin core library.
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via note titles, due to unescaped user input reaching
How to fix Cross-site Scripting (XSS)?