Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

laurent22 — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting laurent22. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Laurent22 primarily develops web applications and APIs, with a core focus on e-commerce platforms. Historically, vulnerabilities attributed to this entity include remote code execution, cross-site scripting (XSS), and privilege escalation, often stemming from input validation flaws and insecure authentication mechanisms. Security assessments reveal consistent patterns in insecure direct object references and server-side request forgery. While no major public incidents have been documented, the cumulative 12 CVEs highlight persistent security challenges in their codebase, particularly in handling user-supplied data and access control implementations.

Top products by laurent22: joplin
CVE IDTitleCVSSSeverityPublished
CVE-2025-27134 Privilege escalation in Joplin server via user patch endpoint — joplinCWE-284 8.8 High2025-04-30
CVE-2025-27409 Joplin Server Vulnerable to Path Traversal — joplinCWE-22 7.5 High2025-04-30
CVE-2025-25187 Cross-site Scripting in Goto Anything allows arbitrary code execution in Joplin — joplinCWE-79 7.8 High2025-02-07
CVE-2025-24028 Cross-site Scripting (XSS) in Rich Text Editor allows arbitrary code execution in Joplin — joplinCWE-79 7.8 High2025-02-07
CVE-2024-55630 DOM Clobbering leads to temporary DOS in the note viewer in Joplin — joplinCWE-20 3.3 Low2025-02-07
CVE-2024-53268 Lack of validation on openExternal allows 1 click remote code execution in joplin — joplinCWE-94 7.3 High2024-11-25
CVE-2024-49362 Remote Code Execution on click of <a> Link in markdown preview — joplinCWE-94 7.7 High2024-11-14
CVE-2024-40643 Joplin has a parsing error leading to Cross-site Scripting (XSS) — joplinCWE-79 9.7 Critical2024-09-09
CVE-2023-37898 Safe mode Cross-site Scripting (XSS) vulnerability in Joplin — joplinCWE-79 8.2 High2024-06-21
CVE-2023-38506 Cross-site Scripting (XSS) when pasting HTML into the rich text editor in Joplin — joplinCWE-79 8.2 High2024-06-21
CVE-2023-39517 Cross site scripting (XSS) when clicking on an untrusted `<map>` link in Joplin — joplinCWE-79 8.2 High2024-06-21
CVE-2023-45673 Arbitrary code execution on click of PDF links in Joplin — joplinCWE-94 8.9 High2024-06-21

This page lists every published CVE security advisory associated with laurent22. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.