CVE-2021-37916

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-37916

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-37916.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-37916

Aliases

GHSA-mrmf-755g-w2vw

Published

2021-08-03T00:15:08.653Z

Modified

2025-11-20T11:50:46.049959Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Joplin before 2.0.9 allows XSS via button and form in the note body.

References

Affected packages

Git / github.com/laurent22/joplin

Affected ranges

Type: GIT
Repo: https://github.com/laurent22/joplin
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

7aca380cfa2d8ce419cce4329a491c025bc071f9

Fixed

feaecf765368f2c273bea3a9fa641ff0da7e6b26

Affected versions

0.*

0.10.0

android-v0.*

android-v0.10.61

android-v0.10.62

android-v0.10.65

android-v0.10.66

android-v0.10.69

android-v0.10.71

android-v0.10.74

android-v0.10.75

android-v0.10.78

android-v0.10.79

android-v0.10.81

android-v0.10.83

android-v0.10.85

android-v0.10.86

android-v0.10.88

android-v0.10.89

android-v0.10.90

android-v0.10.91

android-v0.10.92

android-v1.*

android-v1.0.100

android-v1.0.101

android-v1.0.102

android-v1.0.103

android-v1.0.104

android-v1.0.106

android-v1.0.107

android-v1.0.110

android-v1.0.112

android-v1.0.113

android-v1.0.114

android-v1.0.115

android-v1.0.116

android-v1.0.118

android-v1.0.119

android-v1.0.120

android-v1.0.122

android-v1.0.123

android-v1.0.124

android-v1.0.125

android-v1.0.127

android-v1.0.128

android-v1.0.129

android-v1.0.131

android-v1.0.132

android-v1.0.133

android-v1.0.135

android-v1.0.138

android-v1.0.140

android-v1.0.141

android-v1.0.142

android-v1.0.143

android-v1.0.148

android-v1.0.151

android-v1.0.174

android-v1.0.175

android-v1.0.176

android-v1.0.177

android-v1.0.178

android-v1.0.179

android-v1.0.181

android-v1.0.200

android-v1.0.201

android-v1.0.224

android-v1.0.225

android-v1.0.232

android-v1.0.233

android-v1.0.234

android-v1.0.235

android-v1.0.236

android-v1.0.237

android-v1.0.238

android-v1.0.239

android-v1.0.240

android-v1.0.241

android-v1.0.242

android-v1.0.243

android-v1.0.244

android-v1.0.245

android-v1.0.246

android-v1.0.248

android-v1.0.251

android-v1.0.252

android-v1.0.253

android-v1.0.254

android-v1.0.255

android-v1.0.260

android-v1.0.261

android-v1.0.269

android-v1.0.271

android-v1.0.276

android-v1.0.277

android-v1.0.279

android-v1.0.281

android-v1.0.282

android-v1.0.283

android-v1.0.284

android-v1.0.289

android-v1.0.290

android-v1.0.291

android-v1.0.292

android-v1.0.293

android-v1.0.294

android-v1.0.299

android-v1.0.303

android-v1.0.304

android-v1.0.305

android-v1.0.306

android-v1.0.307

android-v1.0.308

android-v1.0.309

android-v1.0.310

android-v1.0.311

android-v1.0.312

android-v1.0.313

android-v1.0.314

android-v1.0.315

android-v1.0.316

android-v1.0.317

android-v1.0.318

android-v1.0.319-rc1

android-v1.0.320

android-v1.0.321

android-v1.0.322

android-v1.0.323

android-v1.0.324

android-v1.0.325

android-v1.0.326

android-v1.0.327

android-v1.0.328

android-v1.0.329

android-v1.0.330

android-v1.0.331

android-v1.0.332

android-v1.0.333

android-v1.0.335

android-v1.0.336

android-v1.0.337

android-v1.0.338

android-v1.0.339-3

android-v1.0.340

android-v1.0.94

android-v1.0.95

android-v1.0.97

android-v1.0.98

android-v1.1.1

android-v1.2.1

android-v1.2.2

android-v1.2.3

android-v1.2.4

android-v1.2.5

android-v1.2.6

android-v1.3.10

android-v1.3.11

android-v1.3.13

android-v1.3.3

android-v1.3.7

android-v1.3.8

android-v1.3.9

android-v1.4.11

android-v1.5.1

android-v1.6.2

android-v1.6.3

android-v1.6.4

android-v1.6.5

android-v1.6.6

android-v1.6.7

android-v1.7.1

android-v1.7.2

android-v1.7.3

android-v1.7.4

android-v1.7.5

android-v1.8.1

android-v1.8.2

android-v1.8.3

android-v1.8.4

android-v1.8.5

android-v2.*

android-v2.0.1

cli-v0.*

cli-v0.10.83

cli-v0.10.84

cli-v0.10.85

cli-v0.10.86

cli-v0.10.87

cli-v0.10.90

cli-v0.10.91

cli-v0.10.92

cli-v0.10.93

cli-v1.*

cli-v1.0.100

cli-v1.0.101

cli-v1.0.103

cli-v1.0.104

cli-v1.0.106

cli-v1.0.107

cli-v1.0.108

cli-v1.0.109

cli-v1.0.110

cli-v1.0.113

cli-v1.0.114

cli-v1.0.115

cli-v1.0.116

cli-v1.0.117

cli-v1.0.118

cli-v1.0.119

cli-v1.0.120

cli-v1.0.122

cli-v1.0.123

cli-v1.0.124

cli-v1.0.125

cli-v1.0.126

cli-v1.0.127

cli-v1.0.128

cli-v1.0.129

cli-v1.0.133

cli-v1.0.135

cli-v1.0.136

cli-v1.0.137

cli-v1.0.139

cli-v1.0.140

cli-v1.0.141

cli-v1.0.145

cli-v1.0.146

cli-v1.0.147

cli-v1.0.148

cli-v1.0.149

cli-v1.0.150

cli-v1.0.153

cli-v1.0.154

cli-v1.0.155

cli-v1.0.156

cli-v1.0.157

cli-v1.0.158

cli-v1.0.159

cli-v1.0.160

cli-v1.0.161

cli-v1.0.162

cli-v1.0.163

cli-v1.0.164

cli-v1.0.165

cli-v1.0.166

cli-v1.0.167

cli-v1.0.95

cli-v1.0.96

cli-v1.0.97

cli-v1.0.98

cli-v1.0.99

cli-v1.1.8

cli-v1.2.1

cli-v1.2.2

cli-v1.2.3

cli-v1.3.1

cli-v1.3.2

cli-v1.3.3

cli-v1.4.7

cli-v1.5.1

cli-v1.6.1

cli-v1.6.2

cli-v1.6.3

cli-v1.6.4

cli-v1.8.1

clipper-1.*

clipper-1.0.10

clipper-1.0.12

clipper-1.0.13

clipper-1.0.14

clipper-1.0.15

clipper-1.0.16

clipper-1.0.17

clipper-1.0.18

clipper-1.0.19

clipper-1.0.20

clipper-1.0.21

clipper-1.0.22

clipper-1.0.23

clipper-1.0.25

clipper-1.0.7

clipper-1.0.8

clipper-1.3.1

clipper-1.4.3

clipper-1.6.1

ios-v0.*

ios-v0.10.26

ios-v0.10.6

ios-v0.10.9

ios-v1.*

ios-v1.0.13

ios-v10.*

ios-v10.0.21

ios-v10.0.22

ios-v10.0.23

ios-v10.0.24

ios-v10.0.27

ios-v10.0.29

ios-v10.0.30

ios-v10.0.31

ios-v10.0.33

ios-v10.0.34

ios-v10.0.35

ios-v10.0.36

ios-v10.0.37

ios-v10.0.39

ios-v10.0.40

ios-v10.0.41

ios-v10.0.43

ios-v10.0.44

ios-v10.0.45

ios-v10.0.47

ios-v10.0.48

ios-v10.0.49

ios-v10.0.50

ios-v10.0.51

ios-v10.0.52

ios-v10.0.53

ios-v10.2.0

ios-v10.2.1

ios-v10.3.1

ios-v10.4.1

ios-v10.5.1

ios-v10.6.2

ios-v10.6.3

ios-v10.7.1

ios-v10.7.2

ios-v10.8.1

Other

list

untagged-6ad6c38d382d9cf912e5

plugin-generator-v1.*

plugin-generator-v1.4.5

plugin-generator-v1.5.2

plugin-generator-v1.5.3

plugin-generator-v1.6.10

plugin-generator-v1.6.11

plugin-generator-v1.6.2

plugin-generator-v1.6.3

plugin-generator-v1.6.4

plugin-generator-v1.6.5

plugin-generator-v1.6.6

plugin-generator-v1.6.7

plugin-generator-v1.6.8

plugin-generator-v1.6.9

plugin-generator-v1.7.1

plugin-generator-v1.7.2

plugin-generator-v1.7.3

plugin-generator-v1.8.1

server-v1.*

server-v1.6.4

server-v1.7.2

server-v2.*

server-v2.0.2

server-v2.0.3

server-v2.0.4

server-v2.0.5

server-v2.0.6

server-v2.0.8-beta

server-v2.0.9-beta

v0.*

v0.10.0

v0.10.1

v0.10.14

v0.10.15

v0.10.16

v0.10.17

v0.10.18

v0.10.19

v0.10.2

v0.10.20

v0.10.21

v0.10.22

v0.10.23

v0.10.24

v0.10.25

v0.10.26

v0.10.27

v0.10.28

v0.10.29

v0.10.3

v0.10.30

v0.10.31

v0.10.32

v0.10.33

v0.10.34

v0.10.35

v0.10.36

v0.10.37

v0.10.38

v0.10.39

v0.10.4

v0.10.40

v0.10.41

v0.10.42

v0.10.43

v0.10.44

v0.10.45

v0.10.46

v0.10.47

v0.10.48

v0.10.49

v0.10.5

v0.10.50

v0.10.51

v0.10.52

v0.10.53

v0.10.54

v0.10.55

v0.10.56

v0.10.57

v0.10.58

v0.10.59

v0.10.59-android

v0.10.6

v0.10.60

v0.10.61

v0.10.65

v0.10.7

v0.10.8

v0.10.9

v0.10.92

v1.*

v1.0.100

v1.0.101

v1.0.102

v1.0.103

v1.0.104

v1.0.105

v1.0.106

v1.0.107

v1.0.108

v1.0.109

v1.0.110

v1.0.111

v1.0.112

v1.0.113

v1.0.114

v1.0.115

v1.0.116

v1.0.117

v1.0.118

v1.0.119

v1.0.120

v1.0.123

v1.0.124

v1.0.125

v1.0.126

v1.0.127

v1.0.128

v1.0.129

v1.0.130

v1.0.131

v1.0.132

v1.0.133

v1.0.134

v1.0.135

v1.0.136

v1.0.137

v1.0.138

v1.0.139

v1.0.140

v1.0.142

v1.0.143

v1.0.144

v1.0.145

v1.0.147

v1.0.148

v1.0.149

v1.0.150

v1.0.151

v1.0.152

v1.0.153

v1.0.154

v1.0.155

v1.0.156

v1.0.157

v1.0.158

v1.0.159

v1.0.160

v1.0.161

v1.0.162

v1.0.163

v1.0.164

v1.0.165

v1.0.166

v1.0.167

v1.0.168

v1.0.169

v1.0.170

v1.0.171

v1.0.172

v1.0.173

v1.0.174

v1.0.175

v1.0.176

v1.0.177

v1.0.178

v1.0.179

v1.0.181

v1.0.182

v1.0.183

v1.0.184

v1.0.185

v1.0.186

v1.0.187

v1.0.188

v1.0.189

v1.0.190

v1.0.191

v1.0.192

v1.0.193

v1.0.194

v1.0.195

v1.0.196

v1.0.197

v1.0.198

v1.0.199

v1.0.200

v1.0.201

v1.0.202

v1.0.203

v1.0.204

v1.0.205

v1.0.206

v1.0.207

v1.0.208

v1.0.209

v1.0.210

v1.0.211

v1.0.212

v1.0.213

v1.0.214

v1.0.215

v1.0.216

v1.0.217

v1.0.218

v1.0.219

v1.0.220

v1.0.221

v1.0.222

v1.0.223

v1.0.224

v1.0.225

v1.0.226

v1.0.227

v1.0.228

v1.0.229

v1.0.230

v1.0.231

v1.0.232

v1.0.233

v1.0.234

v1.0.235

v1.0.236

v1.0.237

v1.0.238

v1.0.239

v1.0.240

v1.0.241

v1.0.242

v1.0.243

v1.0.245

v1.0.62

v1.0.63

v1.0.64

v1.0.65

v1.0.66

v1.0.67

v1.0.68

v1.0.69

v1.0.70

v1.0.71

v1.0.72

v1.0.73

v1.0.74

v1.0.75

v1.0.76

v1.0.77

v1.0.78

v1.0.79

v1.0.80

v1.0.81

v1.0.82

v1.0.83

v1.0.84

v1.0.85

v1.0.86

v1.0.87

v1.0.88

v1.0.89

v1.0.90

v1.0.91

v1.0.92

v1.0.93

v1.0.94

v1.0.95

v1.0.96

v1.0.97

v1.0.98

v1.0.99

v1.1.1

v1.1.2

v1.1.244

v1.1.3

v1.1.4

v1.2.1

v1.2.2

v1.2.3

v1.2.4

v1.2.5

v1.2.6

v1.3.1

v1.3.10

v1.3.11

v1.3.14

v1.3.15

v1.3.16

v1.3.17

v1.3.18

v1.3.2

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.3.7

v1.3.8

v1.3.9

v1.4.1

v1.4.10

v1.4.11

v1.4.12

v1.4.13

v1.4.15

v1.4.16

v1.4.18

v1.4.19

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.4.6

v1.4.7

v1.4.8

v1.4.9

v1.5.1

v1.5.10

v1.5.11

v1.5.12

v1.5.13

v1.5.14

v1.5.2

v1.5.3

v1.5.4

v1.5.5

v1.5.6

v1.5.7

v1.5.8

v1.5.9

v1.6.1

v1.6.2

v1.6.4

v1.6.5

v1.6.6

v1.6.7

v1.6.8

v1.7.1

v1.7.10

v1.7.11

v1.7.2

v1.7.3

v1.7.4

v1.7.5

v1.7.6

v1.7.7

v1.7.8

v1.7.9

v1.8.1

v1.8.2

v1.8.3

v1.8.4

v1.8.5

v2.*

v2.0.1

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.0.6

v2.0.7

v2.0.8

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-37916.json"