CVE-2024-0849

Published February 7th, 2024

View on NVD ↗

CVSS v3

5

MEDIUM

CVSS v2

N/A

Affected

1

PROJECT

Description

Leanote version 2.7.0 allows obtaining arbitrary local files. This is possible because the application is vulnerable to LFR.

leanote/desktop-app

Leanote Desktop App, based on Electron(atom-shell) http://leanote.org

GitHub

1.56K