3.2.4
4 years ago
2 days ago
Known vulnerabilities in the @joplin/renderer package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
@joplin/renderer is a renderer used by Joplin to render notes in Markdown or HTML format. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to insufficient sanitization in the How to fix Cross-site Scripting (XSS)? Upgrade | <2.12.1 |
@joplin/renderer is a renderer used by Joplin to render notes in Markdown or HTML format. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in How to fix Cross-site Scripting (XSS)? Upgrade | <2.12.1 |
@joplin/renderer is a renderer used by Joplin to render notes in Markdown or HTML format. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization passed via a How to fix Cross-site Scripting (XSS)? Upgrade | <2.11.1 |
@joplin/renderer is a renderer used by Joplin to render notes in Markdown or HTML format. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization. Exploiting this vulnerability is possible via an How to fix Cross-site Scripting (XSS)? Upgrade | <2.11.1 |
@joplin/renderer is a renderer used by Joplin to render notes in Markdown or HTML format. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) when a specially crafted string is passed to the renderer, due to improper user-input sanitization. How to fix Cross-site Scripting (XSS)? Upgrade | <2.10.1 |
@joplin/renderer is a renderer used by Joplin to render notes in Markdown or HTML format. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via a How to fix Cross-site Scripting (XSS)? Upgrade | <1.7.1 |