CVE-2021-23431
Published
CVSS v3
5.4
MEDIUM
CVSS v2
6.8
MEDIUM
Affected
1
PROJECT
Description
The package joplin before 2.3.2 are vulnerable to Cross-site Request Forgery (CSRF) due to missing CSRF checks in various forms.
Joplin - the privacy-focused note taking app with sync capabilities for Windows, macOS, Linux, Android and iOS.
GitHub