@joplin/lib@2.2.4 vulnerabilities
Joplin Core library
-
latest version
3.0.1
-
latest non vulnerable version
-
first published
4 years ago
-
latest version published
2 months ago
-
licenses detected
- >=1.0.13 <2.6.3
Direct Vulnerabilities
Known vulnerabilities in the @joplin/lib package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
@joplin/lib is a joplin core library. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the How to fix Cross-site Scripting (XSS)? Upgrade |
<2.12.1
|
@joplin/lib is a joplin core library. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via note titles, due to unescaped user input reaching How to fix Cross-site Scripting (XSS)? Upgrade |
<2.9.1
|