CVE-2021-37916

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-37916
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-37916.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-37916
Aliases
Published
2021-08-03T00:15:08.653Z
Modified
2026-03-13T05:06:11.351841Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Joplin before 2.0.9 allows XSS via button and form in the note body.

References

Affected packages

Git / github.com/laurent22/joplin

Affected ranges

Type
GIT
Repo
https://github.com/laurent22/joplin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
7aca380cfa2d8ce419cce4329a491c025bc071f9
Fixed
feaecf765368f2c273bea3a9fa641ff0da7e6b26
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.0.9"
        }
    ]
}

Affected versions

0.*
0.10.0
android-v0.*
android-v0.10.61
android-v0.10.62
android-v0.10.65
android-v0.10.66
android-v0.10.69
android-v0.10.71
android-v0.10.74
android-v0.10.75
android-v0.10.78
android-v0.10.79
android-v0.10.81
android-v0.10.83
android-v0.10.85
android-v0.10.86
android-v0.10.88
android-v0.10.89
android-v0.10.90
android-v0.10.91
android-v0.10.92
android-v1.*
android-v1.0.100
android-v1.0.101
android-v1.0.102
android-v1.0.103
android-v1.0.104
android-v1.0.106
android-v1.0.107
android-v1.0.110
android-v1.0.112
android-v1.0.113
android-v1.0.114
android-v1.0.115
android-v1.0.116
android-v1.0.118
android-v1.0.119
android-v1.0.120
android-v1.0.122
android-v1.0.123
android-v1.0.124
android-v1.0.125
android-v1.0.127
android-v1.0.128
android-v1.0.129
android-v1.0.131
android-v1.0.132
android-v1.0.133
android-v1.0.135
android-v1.0.138
android-v1.0.140
android-v1.0.141
android-v1.0.142
android-v1.0.143
android-v1.0.148
android-v1.0.151
android-v1.0.174
android-v1.0.175
android-v1.0.176
android-v1.0.177
android-v1.0.178
android-v1.0.179
android-v1.0.181
android-v1.0.200
android-v1.0.201
android-v1.0.224
android-v1.0.225
android-v1.0.232
android-v1.0.233
android-v1.0.234
android-v1.0.235
android-v1.0.236
android-v1.0.237
android-v1.0.238
android-v1.0.239
android-v1.0.240
android-v1.0.241
android-v1.0.242
android-v1.0.243
android-v1.0.244
android-v1.0.245
android-v1.0.246
android-v1.0.248
android-v1.0.251
android-v1.0.252
android-v1.0.253
android-v1.0.254
android-v1.0.255
android-v1.0.260
android-v1.0.261
android-v1.0.269
android-v1.0.271
android-v1.0.276
android-v1.0.277
android-v1.0.279
android-v1.0.281
android-v1.0.282
android-v1.0.283
android-v1.0.284
android-v1.0.289
android-v1.0.290
android-v1.0.291
android-v1.0.292
android-v1.0.293
android-v1.0.294
android-v1.0.299
android-v1.0.303
android-v1.0.304
android-v1.0.305
android-v1.0.306
android-v1.0.307
android-v1.0.308
android-v1.0.309
android-v1.0.310
android-v1.0.311
android-v1.0.312
android-v1.0.313
android-v1.0.314
android-v1.0.315
android-v1.0.316
android-v1.0.317
android-v1.0.318
android-v1.0.319-rc1
android-v1.0.320
android-v1.0.321
android-v1.0.322
android-v1.0.323
android-v1.0.324
android-v1.0.325
android-v1.0.326
android-v1.0.327
android-v1.0.328
android-v1.0.329
android-v1.0.330
android-v1.0.331
android-v1.0.332
android-v1.0.333
android-v1.0.335
android-v1.0.336
android-v1.0.337
android-v1.0.338
android-v1.0.339-3
android-v1.0.340
android-v1.0.94
android-v1.0.95
android-v1.0.97
android-v1.0.98
android-v1.1.1
android-v1.2.1
android-v1.2.2
android-v1.2.3
android-v1.2.4
android-v1.2.5
android-v1.2.6
android-v1.3.10
android-v1.3.11
android-v1.3.13
android-v1.3.3
android-v1.3.7
android-v1.3.8
android-v1.3.9
android-v1.4.11
android-v1.5.1
android-v1.6.2
android-v1.6.3
android-v1.6.4
android-v1.6.5
android-v1.6.6
android-v1.6.7
android-v1.7.1
android-v1.7.2
android-v1.7.3
android-v1.7.4
android-v1.7.5
android-v1.8.1
android-v1.8.2
android-v1.8.3
android-v1.8.4
android-v1.8.5
android-v2.*
android-v2.0.1
cli-v0.*
cli-v0.10.83
cli-v0.10.84
cli-v0.10.85
cli-v0.10.86
cli-v0.10.87
cli-v0.10.90
cli-v0.10.91
cli-v0.10.92
cli-v0.10.93
cli-v1.*
cli-v1.0.100
cli-v1.0.101
cli-v1.0.103
cli-v1.0.104
cli-v1.0.106
cli-v1.0.107
cli-v1.0.108
cli-v1.0.109
cli-v1.0.110
cli-v1.0.113
cli-v1.0.114
cli-v1.0.115
cli-v1.0.116
cli-v1.0.117
cli-v1.0.118
cli-v1.0.119
cli-v1.0.120
cli-v1.0.122
cli-v1.0.123
cli-v1.0.124
cli-v1.0.125
cli-v1.0.126
cli-v1.0.127
cli-v1.0.128
cli-v1.0.129
cli-v1.0.133
cli-v1.0.135
cli-v1.0.136
cli-v1.0.137
cli-v1.0.139
cli-v1.0.140
cli-v1.0.141
cli-v1.0.145
cli-v1.0.146
cli-v1.0.147
cli-v1.0.148
cli-v1.0.149
cli-v1.0.150
cli-v1.0.153
cli-v1.0.154
cli-v1.0.155
cli-v1.0.156
cli-v1.0.157
cli-v1.0.158
cli-v1.0.159
cli-v1.0.160
cli-v1.0.161
cli-v1.0.162
cli-v1.0.163
cli-v1.0.164
cli-v1.0.165
cli-v1.0.166
cli-v1.0.167
cli-v1.0.95
cli-v1.0.96
cli-v1.0.97
cli-v1.0.98
cli-v1.0.99
cli-v1.1.8
cli-v1.2.1
cli-v1.2.2
cli-v1.2.3
cli-v1.3.1
cli-v1.3.2
cli-v1.3.3
cli-v1.4.7
cli-v1.5.1
cli-v1.6.1
cli-v1.6.2
cli-v1.6.3
cli-v1.6.4
cli-v1.8.1
clipper-1.*
clipper-1.0.10
clipper-1.0.12
clipper-1.0.13
clipper-1.0.14
clipper-1.0.15
clipper-1.0.16
clipper-1.0.17
clipper-1.0.18
clipper-1.0.19
clipper-1.0.20
clipper-1.0.21
clipper-1.0.22
clipper-1.0.23
clipper-1.0.25
clipper-1.0.7
clipper-1.0.8
clipper-1.3.1
clipper-1.4.3
clipper-1.6.1
ios-v0.*
ios-v0.10.26
ios-v0.10.6
ios-v0.10.9
ios-v1.*
ios-v1.0.13
ios-v10.*
ios-v10.0.21
ios-v10.0.22
ios-v10.0.23
ios-v10.0.24
ios-v10.0.27
ios-v10.0.29
ios-v10.0.30
ios-v10.0.31
ios-v10.0.33
ios-v10.0.34
ios-v10.0.35
ios-v10.0.36
ios-v10.0.37
ios-v10.0.39
ios-v10.0.40
ios-v10.0.41
ios-v10.0.43
ios-v10.0.44
ios-v10.0.45
ios-v10.0.47
ios-v10.0.48
ios-v10.0.49
ios-v10.0.50
ios-v10.0.51
ios-v10.0.52
ios-v10.0.53
ios-v10.2.0
ios-v10.2.1
ios-v10.3.1
ios-v10.4.1
ios-v10.5.1
ios-v10.6.2
ios-v10.6.3
ios-v10.7.1
ios-v10.7.2
ios-v10.8.1
Other
list
untagged-6ad6c38d382d9cf912e5
plugin-generator-v1.*
plugin-generator-v1.4.5
plugin-generator-v1.5.2
plugin-generator-v1.5.3
plugin-generator-v1.6.10
plugin-generator-v1.6.11
plugin-generator-v1.6.2
plugin-generator-v1.6.3
plugin-generator-v1.6.4
plugin-generator-v1.6.5
plugin-generator-v1.6.6
plugin-generator-v1.6.7
plugin-generator-v1.6.8
plugin-generator-v1.6.9
plugin-generator-v1.7.1
plugin-generator-v1.7.2
plugin-generator-v1.7.3
plugin-generator-v1.8.1
server-v1.*
server-v1.6.4
server-v1.7.2
server-v2.*
server-v2.0.2
server-v2.0.3
server-v2.0.4
server-v2.0.5
server-v2.0.6
server-v2.0.8-beta
server-v2.0.9-beta
v0.*
v0.10.0
v0.10.1
v0.10.14
v0.10.15
v0.10.16
v0.10.17
v0.10.18
v0.10.19
v0.10.2
v0.10.20
v0.10.21
v0.10.22
v0.10.23
v0.10.24
v0.10.25
v0.10.26
v0.10.27
v0.10.28
v0.10.29
v0.10.3
v0.10.30
v0.10.31
v0.10.32
v0.10.33
v0.10.34
v0.10.35
v0.10.36
v0.10.37
v0.10.38
v0.10.39
v0.10.4
v0.10.40
v0.10.41
v0.10.42
v0.10.43
v0.10.44
v0.10.45
v0.10.46
v0.10.47
v0.10.48
v0.10.49
v0.10.5
v0.10.50
v0.10.51
v0.10.52
v0.10.53
v0.10.54
v0.10.55
v0.10.56
v0.10.57
v0.10.58
v0.10.59
v0.10.59-android
v0.10.6
v0.10.60
v0.10.61
v0.10.65
v0.10.7
v0.10.8
v0.10.9
v0.10.92
v1.*
v1.0.100
v1.0.101
v1.0.102
v1.0.103
v1.0.104
v1.0.105
v1.0.106
v1.0.107
v1.0.108
v1.0.109
v1.0.110
v1.0.111
v1.0.112
v1.0.113
v1.0.114
v1.0.115
v1.0.116
v1.0.117
v1.0.118
v1.0.119
v1.0.120
v1.0.123
v1.0.124
v1.0.125
v1.0.126
v1.0.127
v1.0.128
v1.0.129
v1.0.130
v1.0.131
v1.0.132
v1.0.133
v1.0.134
v1.0.135
v1.0.136
v1.0.137
v1.0.138
v1.0.139
v1.0.140
v1.0.142
v1.0.143
v1.0.144
v1.0.145
v1.0.147
v1.0.148
v1.0.149
v1.0.150
v1.0.151
v1.0.152
v1.0.153
v1.0.154
v1.0.155
v1.0.156
v1.0.157
v1.0.158
v1.0.159
v1.0.160
v1.0.161
v1.0.162
v1.0.163
v1.0.164
v1.0.165
v1.0.166
v1.0.167
v1.0.168
v1.0.169
v1.0.170
v1.0.171
v1.0.172
v1.0.173
v1.0.174
v1.0.175
v1.0.176
v1.0.177
v1.0.178
v1.0.179
v1.0.181
v1.0.182
v1.0.183
v1.0.184
v1.0.185
v1.0.186
v1.0.187
v1.0.188
v1.0.189
v1.0.190
v1.0.191
v1.0.192
v1.0.193
v1.0.194
v1.0.195
v1.0.196
v1.0.197
v1.0.198
v1.0.199
v1.0.200
v1.0.201
v1.0.202
v1.0.203
v1.0.204
v1.0.205
v1.0.206
v1.0.207
v1.0.208
v1.0.209
v1.0.210
v1.0.211
v1.0.212
v1.0.213
v1.0.214
v1.0.215
v1.0.216
v1.0.217
v1.0.218
v1.0.219
v1.0.220
v1.0.221
v1.0.222
v1.0.223
v1.0.224
v1.0.225
v1.0.226
v1.0.227
v1.0.228
v1.0.229
v1.0.230
v1.0.231
v1.0.232
v1.0.233
v1.0.234
v1.0.235
v1.0.236
v1.0.237
v1.0.238
v1.0.239
v1.0.240
v1.0.241
v1.0.242
v1.0.243
v1.0.245
v1.0.62
v1.0.63
v1.0.64
v1.0.65
v1.0.66
v1.0.67
v1.0.68
v1.0.69
v1.0.70
v1.0.71
v1.0.72
v1.0.73
v1.0.74
v1.0.75
v1.0.76
v1.0.77
v1.0.78
v1.0.79
v1.0.80
v1.0.81
v1.0.82
v1.0.83
v1.0.84
v1.0.85
v1.0.86
v1.0.87
v1.0.88
v1.0.89
v1.0.90
v1.0.91
v1.0.92
v1.0.93
v1.0.94
v1.0.95
v1.0.96
v1.0.97
v1.0.98
v1.0.99
v1.1.1
v1.1.2
v1.1.244
v1.1.3
v1.1.4
v1.2.1
v1.2.2
v1.2.3
v1.2.4
v1.2.5
v1.2.6
v1.3.1
v1.3.10
v1.3.11
v1.3.14
v1.3.15
v1.3.16
v1.3.17
v1.3.18
v1.3.2
v1.3.3
v1.3.4
v1.3.5
v1.3.6
v1.3.7
v1.3.8
v1.3.9
v1.4.1
v1.4.10
v1.4.11
v1.4.12
v1.4.13
v1.4.15
v1.4.16
v1.4.18
v1.4.19
v1.4.2
v1.4.3
v1.4.4
v1.4.5
v1.4.6
v1.4.7
v1.4.8
v1.4.9
v1.5.1
v1.5.10
v1.5.11
v1.5.12
v1.5.13
v1.5.14
v1.5.2
v1.5.3
v1.5.4
v1.5.5
v1.5.6
v1.5.7
v1.5.8
v1.5.9
v1.6.1
v1.6.2
v1.6.4
v1.6.5
v1.6.6
v1.6.7
v1.6.8
v1.7.1
v1.7.10
v1.7.11
v1.7.2
v1.7.3
v1.7.4
v1.7.5
v1.7.6
v1.7.7
v1.7.8
v1.7.9
v1.8.1
v1.8.2
v1.8.3
v1.8.4
v1.8.5
v2.*
v2.0.1
v2.0.2
v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.0.7
v2.0.8

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-37916.json"