Vulnerabilities (CVE)

Filtered by vendor Etherpad Subscribe
Filtered by product Etherpad Lite
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-9845 1 Etherpad 1 Etherpad Lite 2024-11-21 7.5 HIGH 9.8 CRITICAL
Etherpad Lite before 1.6.4 is exploitable for admin access.
CVE-2018-6834 1 Etherpad 1 Etherpad Lite 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
static/js/pad_utils.js in Etherpad Lite before v1.6.3 has XSS via window.location.href.