Description
Joplin before 2.11.5 allows XSS via an AREA element of an image map.
Remediation
References
https://github.com/laurent22/joplin/commit/9e90d9016daf79b5414646a93fd369aedb035071
https://github.com/laurent22/joplin/releases/tag/v2.11.5
https://vuln.ryotak.net/advisories/68
Related Vulnerabilities
CVE-2022-41940 Vulnerability in npm package engine.io
CVE-2022-44621 Vulnerability in maven package org.apache.kylin:kylin-server-base
CVE-2021-23360 Vulnerability in npm package killport
CVE-2019-16762 Vulnerability in npm package slpjs
CVE-2012-3451 Vulnerability in maven package org.apache.cxf:cxf-bundle-minimal