CVE-2020-15930
- Source
- https://cve.org/CVERecord?id=CVE-2020-15930
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15930.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-15930
- Aliases
- Published
- 2020-09-24T19:15:11.713Z
- Modified
- 2026-03-14T10:19:10.547492Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary code execution via a malicious HTML embed tag.
- References
Affected packages
Git / github.com/laurent22/joplin
Affected versions
android-v1.*
android-v1.0.319-rc1
android-v1.0.320
android-v1.0.321
android-v1.0.322
android-v1.0.323
android-v1.0.324
android-v1.0.325
android-v1.0.326
android-v1.0.327
android-v1.0.328
android-v1.0.329
android-v1.0.330
android-v1.0.331
android-v1.0.332
android-v1.0.333
android-v1.0.335
android-v1.0.336
android-v1.0.337
android-v1.0.338
android-v1.0.339-3
android-v1.0.340
android-v1.1.1
cli-v1.*
cli-v1.0.156
cli-v1.0.157
cli-v1.0.158
cli-v1.0.159
cli-v1.0.160
cli-v1.0.161
cli-v1.0.162
cli-v1.0.163
cli-v1.0.164
cli-v1.0.165
cli-v1.0.166
cli-v1.0.167
clipper-1.*
clipper-1.0.23
clipper-1.0.25
ios-v10.*
ios-v10.0.45
ios-v10.0.47
ios-v10.0.48
ios-v10.0.49
ios-v10.0.50
ios-v10.0.51
ios-v10.0.52
ios-v10.0.53
v1.*
v1.0.190
v1.0.191
v1.0.192
v1.0.193
v1.0.194
v1.0.195
v1.0.196
v1.0.197
v1.0.198
v1.0.199
v1.0.200
v1.0.201
v1.0.202
v1.0.203
v1.0.204
v1.0.205
v1.0.206
v1.0.207
v1.0.208
v1.0.209
v1.0.210
v1.0.211
v1.0.212
v1.0.213
v1.0.214
v1.0.215
v1.0.216
v1.0.217
v1.0.218
v1.0.219
v1.0.220
v1.0.221
v1.0.222
v1.0.223
v1.0.224
v1.0.225
v1.0.226
v1.0.227
v1.0.228
v1.0.229
v1.0.230
v1.0.231
v1.0.232
v1.0.233
v1.0.234
v1.0.235
v1.0.236
v1.0.237
v1.0.238
v1.0.239
v1.0.240
v1.0.241
v1.0.242
v1.0.243
v1.0.245
v1.1.1
v1.1.2
v1.1.244
v1.1.3