2020-09-30 03:35:35
mitre
PUBLISHED
Leanote Desktop through 2.6.2 allows XSS because a notes title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration.