Vulnerabilities > Etherpad > High

DATE CVE VULNERABILITY TITLE RISK
2017-09-07 CVE-2015-4085 Path Traversal vulnerability in Etherpad
Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1.
network
low complexity
etherpad CWE-22
7.5
2017-07-07 CVE-2015-3297 Path Traversal vulnerability in Etherpad
Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.1 through 1.5.2 allows remote attackers to read arbitrary files by leveraging replacement of backslashes with slashes in the path parameter of HTTP API requests.
network
low complexity
etherpad CWE-22
7.5