2020-09-30 03:35:52
mitre
PUBLISHED
Leanote Desktop through 2.6.2 allows XSS because a notes title is mishandled during syncing. This leads to remote code execution because of Node integration.