BoostIO/BoostNote-Legacy

GitHub

github.com

Releases100

Frequency2 weeks 5 days

Last Release over 5 years ago

Stars16.9K

This repository is outdated and new Boost Note app is available! We've launched a new Boost Note app which supports real-time collaborative writing. https://github.com/BoostIO/BoostNote-App

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-19924 ↗	May 18, 2021Tuesday, 18 May 2021, 20:15	5.4 MEDIUM	3.5 LOW
In Boostnote 0.12.1, exporting to PDF contains opportunities for XSS attacks.
CVE-2019-12136 ↗	May 16, 2019Thursday, 16 May 2019, 03:29	—	3.5 LOW
There is XSS in BoostIO Boostnote 0.11.15 via a label named mermaid, as demonstrated by a crafted SRC attribute of an IFRAME element.
CVE-2018-13433 ↗	Jul 8, 2018Sunday, 8 July 2018, 12:29	—	4.3 MEDIUM
Boostnote v0.11.7 allows XSS during highlighting of Markdown text, as demonstrated by an onerror attribute of an IMG element.