Vulnerabilities > Etherpad > Etherpad > 1.8.13
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-09 | CVE-2021-43802 | Unspecified vulnerability in Etherpad Etherpad is a real-time collaborative editor. | 8.8 |
2021-07-21 | CVE-2021-34816 | Argument Injection or Modification vulnerability in Etherpad 1.8.13 An Argument Injection issue in the plugin management of Etherpad 1.8.13 allows privileged users to execute arbitrary code on the server by installing plugins from an attacker-controlled source. | 6.5 |
2021-07-19 | CVE-2021-34817 | Cross-site Scripting vulnerability in Etherpad 1.8.13 A Cross-Site Scripting (XSS) issue in the chat component of Etherpad 1.8.13 allows remote attackers to inject arbitrary JavaScript or HTML by importing a crafted pad. | 4.3 |