Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin. This is possible because the application does not properly validate the schema/protocol of existing links in the markdown file before passing them to the 'shell.openExternal' function.
References
Link | Resource |
---|---|
https://fluidattacks.com/advisories/skrillex/ | Exploit Third Party Advisory |
https://github.com/laurent22/joplin | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Fluid Attacks
Published: 2022-09-30T16:20:59
Updated: 2022-09-30T16:20:59
Reserved: 2022-09-08T00:00:00
Link: CVE-2022-40277
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-09-30T17:15:13.277
Modified: 2022-10-04T17:20:35.127
Link: CVE-2022-40277
JSON object: View
Redhat Information
No data.
CWE