Vulnerabilities > Etherpad > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-09-07 | CVE-2015-4085 | Path Traversal vulnerability in Etherpad Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1. | 7.5 |
2017-07-07 | CVE-2015-3297 | Path Traversal vulnerability in Etherpad Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.1 through 1.5.2 allows remote attackers to read arbitrary files by leveraging replacement of backslashes with slashes in the path parameter of HTTP API requests. | 7.5 |