Jump to content

(Archived) Possible script execution occurring out of a previously saved note


Recommended Posts

I have been monitoring activity on my ports in the past few days and was surprised to discover evidence that a note that I had saved a couple of days previously appeared to be sending information out of evernote back to the site which I had saved HTML from.

Further investigation shows that Evernote Thumbnailer is being invoked to send that data. This continued even after I cleared by browser cache and cookies.

See attached image.

I looked to see if there was any similar IP traffic associated with other saved notes, but didn't find any, so I assume that for me it was just this one particular web-site. Nonetheless, it appears to be a security hole in Evernote.


Link to comment


This topic is now archived and is closed to further replies.

  • Create New...