Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Leanote'
2022-03-28
CVE-2021-43721
CWE-79
Leanote 2.7.0 is vulnerable to Cross Site Scripting (XSS) in the markdown type note. This leads to remote code execution with payload : <video src=x onerror=(function(){require('child_process').exec('calc');})();>
2020-09-30
CVE-2020-26158
CWE-79
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration.
CVE-2020-26157
CWE-79
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration.
2019-07-11
CVE-2019-1010003
CWE-79
Leanote prior to version 2.6 is affected by: Cross Site Scripting (XSS).
2018-10-21
CVE-2018-18553
CWE-79
Leanote 2.6.1 has XSS via the Blog Basic Setting title field, which is mishandled during rendering of the "likes" page.
2018-01-02
CVE-2017-1000459
CWE-79
Leanote version <= 2.5 is vulnerable to XSS due to not sanitized input in markdown notes
>>>
Vendor:
Leanote
2
Produkty
Desktop
Leanote
Copyright
2024
, cxsecurity.com
Back to Top
Podatności dla 'Leanote' 
Polish
English