CVE-2022-35131
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in npm/joplin
Identifiers
CVE-2022-35131, GHSA-ww2v-frv5-pj5x
Package Slug
npm/joplin
Vulnerability
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Description
Joplin v2.8.8 allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles.
Affected Versions
Version 2.8.8
Solution
Unfortunately, there is no solution available yet.
Last Modified
2022-08-01
| source |