Luskabol

**Name of the Vulnerable Software and Affected Versions** Joplin versions prior to 3.0.3 **Description** The issue allows attackers to abuse the lack of filtering of URI schemes in the `openExternal` function to obtain remote code execution in Windows environments. There are no known workarounds for this issue. **Recommendations** For versions prior to 3.0.3, upgrade to version 3.0.3 or later to address the issue. As a temporary workaround, consider disabling the `openExternal` function until a patch is available.