Joplin CVE-2022-35131 Description: XSS leading to RCE in Joplin, affecting version 2.8.8 and earlier. Tested and works on Windows and Linux. Reported and Fixed: 2022-06 Technical Overview 1. Create a note with JavaScript payload as title. 2. Press to search for something in the note or title. 3. The payload is executed when shown in the search result. 4. Remote code execution can be achieved by sharing the notebook. Problem: is used with unescaped user input in line 509. The fix is by escaping user input. POC Space cannot be used in the payload, but encoded space can be used. Example payloads: Search for to execute the payload.