Laurent Cozic

9 exploits Active since Jun 2018
CVE-2018-1000534 (MEDIUM)
Joplin <1.0.90 - XSS
Joplin versions prior to 1.0.90 contain an XSS vulnerability in the Note content field that escalates into code execution, because nodeIntegration is enabled for the BrowserWindow instance in which the XSS was identified. Information on the fix can be found at https://github.com/laurent22/joplin/commit/494e235e18659574f836f84fcf9f4d4fcdcfcf89. The flaw can result in executing unauthorized code with the rights under which the application is running. This attack appears to be exploitable when the victim synchronizes notes containing malicious code from cloud services or other note-keeping services. This vulnerability appears to have been fixed in 1.0.90 and later.
CVSS 6.1
CVE-2021-23431 (MEDIUM)
Joplin < 2.3.2 - CSRF
The joplin package before 2.3.2 is vulnerable to Cross-site Request Forgery (CSRF) due to missing CSRF checks in various forms.
CVSS 5.4
CVE-2021-33295 (MEDIUM)
Joplin Desktop App <1.8.5 - XSS
Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute arbitrary code due to improper sanitizing of HTML.
CVSS 5.4
CVE-2021-37916 (MEDIUM)
Joplin < 2.0.9 - XSS
Joplin before 2.0.9 allows XSS via button and form in the note body.
CVSS 6.1
CVE-2022-45598 (MEDIUM)
Joplin < 2.9.17 - XSS
Cross Site Scripting vulnerability in Joplin Desktop App before v2.9.17 allows an attacker to execute arbitrary code via improper sanitization.
CVSS 6.1
CVE-2023-37298 (MEDIUM)
Joplin < 2.11.5 - XSS
Joplin before 2.11.5 allows XSS via a USE element in an SVG document.
CVSS 6.1
CVE-2023-37299 (MEDIUM)
Joplin < 2.11.5 - XSS
Joplin before 2.11.5 allows XSS via an AREA element of an image map.
CVSS 6.1
CVE-2025-24028 (HIGH)
Joplin < 3.2.12 - XSS
Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. This vulnerability is caused by differences between how Joplin's HTML sanitizer handles comments and how the browser handles comments. This affects both the Rich Text Editor and the Markdown viewer. However, unlike the Rich Text Editor, the Markdown viewer is `cross-origin isolated`, which prevents JavaScript from directly accessing functions/variables in the top-level Joplin `window`. This issue is not present in Joplin 3.1.24 and may have been introduced in `9b50539`. This is an XSS vulnerability that impacts users who open untrusted notes in the Rich Text Editor. This vulnerability has been addressed in version 3.2.12 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS 7.8
CVE-2025-27134 (HIGH)
Joplin Server < 3.3.3 - Privilege Escalation
Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Prior to version 3.3.3, a privilege escalation vulnerability exists in the Joplin server, allowing non-admin users to exploit the API endpoint `PATCH /api/users/:id` to set the `is_admin` field to 1. The vulnerability allows malicious low-privileged users to perform administrative actions without proper authorization. This issue has been patched in version 3.3.3.
CVSS 8.8