CVE-2024-53268
CVSS 3.1 Score 7.2 of 10 (high)
Details
Published Nov 25, 2024
CWE ID 94
Summary
CVE-2024-53268 is a critical vulnerability affecting Joplin, an open-source note-taking app used on Windows, macOS, Linux, Android, and iOS platforms. In vulnerable versions, attackers can exploit the application's openExternal function, which lacks URI scheme filtering, to gain remote code execution in Windows environments. This issue has been resolved in version 3.0.3, and users are strongly advised to upgrade as soon as possible. At present, there are no known workarounds for this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share