Evernote: >> Evernote >> 7.9 Security Vulnerabilities
Evernote before 7.13 GA on macOS allows code execution because the com.apple.quarantine attribute is not used for attachment files, as demonstrated by a one-click attack involving a drag-and-drop operation on a crafted Terminal file.
CVSS Score
7.8
EPSS Score
0.004
Published
2019-09-30
Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file.
CVSS Score
7.8
EPSS Score
0.027
Published
2019-05-31