Vulnerabilities > Etherpad > Etherpad Lite

DATE CVE VULNERABILITY TITLE RISK
2018-04-29 CVE-2018-9845 Improper Handling of Case Sensitivity vulnerability in Etherpad Lite
Etherpad Lite before 1.6.4 is exploitable for admin access.
network
low complexity
etherpad CWE-178
critical
 9.8
9.8
2018-02-08 CVE-2018-6834 Cross-site Scripting vulnerability in Etherpad Lite
static/js/pad_utils.js in Etherpad Lite before v1.6.3 has XSS via window.location.href.
network
low complexity
etherpad CWE-79
6.1
6.1