Evernote Security Update [CVE-2018-18524]
Evernote has released a security update to address a cross-site scripting (XSS) vulnerability in their Evernote for Windows desktop client. A local attacker could exploit this vulnerability to execute JavaScript commands on an affected device.
Affected Platforms
- Evernote for Windows – Versions prior to 6.16.1
For further information:
Users are advised to review Evernote’s security releases page and apply the necessary update.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.