Vulnerabilities > Etherpad > Etherpad > 1.7.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-09 | CVE-2021-43802 | Unspecified vulnerability in Etherpad Etherpad is a real-time collaborative editor. | 8.8 |
2021-04-28 | CVE-2020-22782 | Unspecified vulnerability in Etherpad Etherpad < 1.8.3 is affected by a denial of service in the import functionality. | 5.0 |
2021-04-28 | CVE-2020-22785 | Allocation of Resources Without Limits or Throttling vulnerability in Etherpad Etherpad < 1.8.3 is affected by a missing lock check which could cause a denial of service. | 5.0 |
2021-04-28 | CVE-2020-22783 | Cleartext Storage of Sensitive Information vulnerability in Etherpad Etherpad <1.8.3 stored passwords used by users insecurely in the database and in log files. | 4.0 |
2021-04-28 | CVE-2020-22781 | SQL Injection vulnerability in Etherpad In Etherpad < 1.8.3, a specially crafted URI would raise an unhandled exception in the cache mechanism and cause a denial of service (crash the instance). | 5.0 |
2019-10-19 | CVE-2019-18209 | Cross-site Scripting vulnerability in Etherpad 1.7.5 templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer. | 4.3 |