Description

Joplin is a free, open source note taking and to-do application, which can handle a large number of notes organised into notebooks. Prior to version 3.3.3, path traversal is possible in Joplin Server if static file path starts with `css/pluginAssets` or `js/pluginAssets`. The `findLocalFile` function in the `default route` calls `localFileFromUrl` to check for special `pluginAssets` paths. If the function returns a path, the result is returned directly, without checking for path traversal. The vulnerability allows attackers to read files outside the intended directories. This issue has been patched in version 3.3.3.

INFO

Published Date :

2025-04-30T14:55:07.846Z

Last Modified :

2025-04-30T15:11:59.209Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-27409 vulnerability.

Vendors Products
Joplin Project
  • Joplin
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-27409.

URL Resource
https://github.com/laurent22/joplin/pull/11916 cve-icon cve-icon
https://github.com/laurent22/joplin/security/advisories/GHSA-5xv6-7jm3-fmg5 cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact