Security expert discovered a stored XSS flaw in the Evernote app for Windows that could be exploited to steal files and execute arbitrary commands.

https://securityaffairs.co/wordpress/77789/hacking/evernote-xss-flaw.html