Vulnerabilities (CVE)

Filtered by vendor Leanote Subscribe
Filtered by product Desktop
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-1000492 1 Leanote 1 Desktop 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Leanote-desktop version v2.5 is vulnerable to a XSS which leads to code execution due to enabled node integration
CVE-2024-0849 1 Leanote 1 Desktop 2024-09-05 N/A 5.5 MEDIUM
Leanote version 2.7.0 allows obtaining arbitrary local files. This is possible because the application is vulnerable to LFR.