Product
Anote 1.0 is vulnerable to persistent cross-site scripting (CVE-2021-47963), allowing attackers to inject malicious payloads into markdown files, leading to remote code execution when opened by a victim.