Find real vulnerabilities before they ship
Vulnerability Database › npm › CVE-2021-37916
Joplin before 2.0.9 allows XSS via button and form in the note body.
Base Score