The vulnerability stems from incomplete HTML sanitization in Joplin's rendering pipeline. The commit diff shows that the vulnerable version's disallowedTags array contained no form-related tags. The HtmlUtils class in htmlUtils.ts filters dangerous elements against this array, so with form elements absent from the list, any code path that ran user-supplied HTML through this sanitizer would let XSS payloads through, for example via an onclick attribute or a form action handler. Confidence is high for three reasons: the patch explicitly adds these tags to the blocklist; the CVE description attributes the vulnerability directly to form and button elements; and the modified file, htmlUtils.ts, is clearly part of the HTML rendering pipeline.
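As an added illustration (not Joplin's code and not the actual contents of htmlUtils.ts), the following TypeScript sanitizer shows the mechanism the analysis describes: an HTML filter driven by a disallowedTags array, with a pre-fix list that lacks form-related tags and a post-fix list that includes them. The contents of both lists, the VOID_ELEMENTS table, the sanitizeHtml and demo function names, and the NOTE_HTML sample are assumptions constructed for this example; a regex tokenizer stands in for the real HTML parser, and attribute filtering is deliberately not modeled.

```typescript
// Added example, not Joplin's code: a minimal tag-blocklist sanitizer that
// mirrors the mechanism described above (a filter driven by a disallowedTags
// array). It uses a simple regex tokenizer instead of a real HTML parser and
// does not model attribute filtering; the point is only how a gap in the tag
// list lets an element reach the renderer untouched.

// Assumed pre-fix blocklist: the exact contents are not on this page, but the
// relevant property is that no form-related tags are present.
const VULNERABLE_DISALLOWED_TAGS: string[] = [
  'script', 'iframe', 'frame', 'frameset', 'object', 'embed', 'base', 'link', 'meta',
];

// Assumed post-fix blocklist: form-related tags added. The page only says
// "form/button elements" and "form-related tags"; the full set is a guess.
const PATCHED_DISALLOWED_TAGS: string[] = VULNERABLE_DISALLOWED_TAGS.concat([
  'form', 'button', 'input', 'select', 'textarea', 'option', 'optgroup',
]);

// Elements that never have a closing tag; they must not change the skip depth,
// or a blocked <input> would swallow the rest of the document.
const VOID_ELEMENTS: string[] = [
  'area', 'base', 'br', 'col', 'embed', 'hr', 'img', 'input', 'link', 'meta',
  'source', 'track', 'wbr',
];

// Matches an opening or closing tag and captures its name.
const TAG_PATTERN = /<\/?([a-zA-Z][a-zA-Z0-9-]*)[^>]*>/g;

// Removes every disallowed element together with everything nested inside it.
// All other markup is passed through unchanged.
function sanitizeHtml(html: string, disallowedTags: string[]): string {
  const blocked = disallowedTags.map((t) => t.toLowerCase());
  const re = new RegExp(TAG_PATTERN.source, 'g');
  let out = '';
  let depth = 0;      // > 0 while inside a disallowed element
  let skipping = '';  // name of the outermost disallowed element being skipped
  let last = 0;
  let m: RegExpExecArray | null;
  while ((m = re.exec(html)) !== null) {
    const tag = m[0];
    const name = m[1].toLowerCase();
    const isClose = tag.charAt(1) === '/';
    const isVoid = VOID_ELEMENTS.indexOf(name) !== -1 || /\/\s*>$/.test(tag);
    if (depth === 0) out += html.slice(last, m.index);  // text before this tag
    last = m.index + tag.length;
    if (blocked.indexOf(name) === -1) {
      if (depth === 0) out += tag;  // allowed tag: keep it as written
      continue;
    }
    // Disallowed tag: never emitted. Track nesting so its content is dropped too.
    if (isClose) {
      if (depth > 0 && name === skipping) depth--;
    } else if (!isVoid) {
      if (depth === 0) skipping = name;
      if (name === skipping) depth++;
    }
  }
  if (depth === 0) out += html.slice(last);
  return out;
}

// Constructed note content: a form whose action is a javascript: URL, the kind
// of payload a missing form/button entry in the blocklist lets through, plus a
// script tag that both lists reject.
const NOTE_HTML =
  '<p>Hello</p>' +
  '<form action="javascript:alert(document.domain)"><button>Open</button></form>' +
  '<script>alert(1)</script>';

// The same input through the pre-fix and post-fix blocklists.
function demo(): { before: string; after: string } {
  return {
    before: sanitizeHtml(NOTE_HTML, VULNERABLE_DISALLOWED_TAGS),
    after: sanitizeHtml(NOTE_HTML, PATCHED_DISALLOWED_TAGS),
  };
}

console.log(demo());
```

With the pre-fix list, demo() returns the form and its javascript: action intact while the script tag is gone; with the post-fix list only the paragraph survives. The depth counter is the part worth copying: dropping the disallowed tag name alone is not enough if the element's nested content is still emitted, and void elements such as input must not increment it or everything after them disappears.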
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| joplin | npm | < 2.0.9 | 2.0.9 |