@joplin/renderer@2.10.2 vulnerabilities
The Joplin note renderer, used the mobile and desktop application
-
latest version
2.14.1
-
latest non vulnerable version
-
first published
3 years ago
-
latest version published
2 months ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the @joplin/renderer package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
@joplin/renderer is a renderer used by Joplin to render notes in Markdown or HTML format. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization passed via a How to fix Cross-site Scripting (XSS)? Upgrade |
<2.11.1
|
@joplin/renderer is a renderer used by Joplin to render notes in Markdown or HTML format. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization. Exploiting this vulnerability is possible via an How to fix Cross-site Scripting (XSS)? Upgrade |
<2.11.1
|