CVE-2023-45673

Published: Jun 21, 2024Modified: Apr 11, 2025

9.0

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Exploitability: 2.3 / Impact: 6.0

Source: NVD

Description

Joplin is a free, open source note taking and to-do application. A remote code execution (RCE) vulnerability in affected versions allows clicking on a link in a PDF in an untrusted note to execute arbitrary shell commands. Clicking links in PDFs allows for arbitrary code execution because Joplin desktop: 1. has not disabled top redirection for note viewer iframes, and 2. and has node integration enabled. This is a remote code execution vulnerability that impacts anyone who attaches untrusted PDFs to notes and has the icon enabled. This issue has been addressed in version 2.13.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Affected (1)

Products: Joplin Project: Joplin

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Joplin Project Joplin	Before 2.13.3

Related CWEs

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (4)

https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe#sandbox

Source: security-advisories@github.com

Technical Description

https://github.com/laurent22/joplin/security/advisories/GHSA-g8qx-5vcm-3x59

Source: security-advisories@github.com

ExploitVendor Advisory

https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe#sandbox

Source: af854a3a-2127-422b-91ae-364da2661108

Technical Description

https://github.com/laurent22/joplin/security/advisories/GHSA-g8qx-5vcm-3x59

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitVendor Advisory

Timeline

No history available yet.