Vulnerabilities > Etherpad > Etherpad Lite > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-02-08 CVE-2018-6834 Cross-site Scripting vulnerability in Etherpad Lite
static/js/pad_utils.js in Etherpad Lite before v1.6.3 has XSS via window.location.href.
network
low complexity
etherpad CWE-79
6.1
6.1