Leanote: >> Leanote >> 2.6.2 Security Vulnerabilities
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration.
CVSS Score
9.6
EPSS Score
0.013
Published
2020-09-30
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration.
CVSS Score
9.6
EPSS Score
0.013
Published
2020-09-30