Filtered by vendor Etherpad
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6835 | 1 Etherpad | 1 Etherpad | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| node/hooks/express/apicalls.js in Etherpad Lite before v1.6.3 mishandles JSONP, which allows remote attackers to bypass intended access restrictions. | |||||
| CVE-2018-9845 | 1 Etherpad | 1 Etherpad Lite | 2019-10-03 | 7.5 HIGH | 9.8 CRITICAL |
| Etherpad Lite before 1.6.4 is exploitable for admin access. | |||||
| CVE-2018-9326 | 1 Etherpad | 1 Etherpad | 2018-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| Etherpad 1.6.3 before 1.6.4 allows an attacker to execute arbitrary code. | |||||