Products
Joplin
- 2.13.3
Source
security-advisories@github.com
Tags
CVE-2023-45673 details
Last Modified : June 21, 2024, 8:15 p.m.
Description
Joplin is a free, open source note taking and to-do application. A remote code execution (RCE) vulnerability in affected versions allows clicking on a link in a PDF in an untrusted note to execute arbitrary shell commands. Clicking links in PDFs allows for arbitrary code execution because Joplin desktop: 1. has not disabled top redirection for note viewer iframes, and 2. and has node integration enabled. This is a remote code execution vulnerability that impacts anyone who attaches untrusted PDFs to notes and has the icon enabled. This issue has been addressed in version 2.13.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8.9 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-94 | Improper Control of Generation of Code ('Code Injection') | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
CVSS Data
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
Base Score
8.9
Exploitability Score
2.3
Impact Score
6.0
Base Severity
HIGH
Vector String : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L
References
| URL | Source |
|---|---|
| https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe#sandbox | security-advisories@github.com |
| https://github.com/laurent22/joplin/security/advisories/GHSA-g8qx-5vcm-3x59 | security-advisories@github.com |