The following table lists the changes that have been made to the
CVE-2024-55630 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.
Feb. 07, 2025
| Action | Type | Old Value | New Value |
|---|---|---|---|
| Added | Description | Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Joplin’s HTML sanitizer allows the `name` attribute to be specified. If `name` is set to the same value as an existing `document` property (e.g. `querySelector`), that property is replaced with the element. This vulnerability’s only known impact is denial of service. The note viewer fails to refresh until closed and re-opened with a different note. This issue has been addressed in version 3.2.8 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |
| Added | CVSS V3.1 | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L | |
| Added | CWE | CWE-20 | |
| Added | Reference | https://en.wikipedia.org/wiki/DOM_clobbering | |
| Added | Reference | https://github.com/laurent22/joplin/commit/e70efcbd60ce62f06e77c183b362c74e636c02d9 | |
| Added | Reference | https://github.com/laurent22/joplin/security/advisories/GHSA-5cch-jr52-qffh |
CVE ID : CVE-2025-10304 Published : Dec. 3, 2025, 3:27 a.m. | 26 minutes ago Description : The Everest Backup –
CVE ID : CVE-2025-12585 Published : Dec. 3, 2025, 3:27 a.m. | 26 minutes ago Description : The MxChat – AI
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
