Description
Joplin before 2.11.5 allows XSS via an AREA element of an image map.
Remediation
References
https://github.com/laurent22/joplin/commit/9e90d9016daf79b5414646a93fd369aedb035071
https://github.com/laurent22/joplin/releases/tag/v2.11.5
https://vuln.ryotak.net/advisories/68
Related Vulnerabilities
CVE-2021-34429 Vulnerability in maven package org.eclipse.jetty:jetty-webapp
CVE-2023-45135 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-war
CVE-2020-11971 Vulnerability in maven package org.apache.camel:camel-main
CVE-2020-7637 Vulnerability in maven package org.webjars.npm:class-transformer
CVE-2023-26487 Vulnerability in maven package org.webjars.npm:vega