Evernote Security Update [CVE-2018-18524]

Evernote has released a security update to address a cross-site scripting (XSS) vulnerability in their Evernote for Windows desktop client. A local attacker could exploit this vulnerability to execute JavaScript commands on an affected device.

Affected Platforms

  • Evernote for Windows – Versions prior to 6.16.1

For further information:

Users are advised to review Evernote’s security releases page and apply the necessary update.

Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: