Vulnerabilities > Xwiki > Cryptpad > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-11 | CVE-2019-15302 | Improper Resource Shutdown or Release vulnerability in Xwiki Cryptpad The pad management logic in XWiki labs CryptPad before 3.0.0 allows a remote attacker (who has access to a Rich Text pad with editing rights for the URL) to corrupt it (i.e., cause data loss) via a trivial URL modification. | 5.5 |
| 2017-07-17 | CVE-2017-1000051 | Cross-site Scripting vulnerability in Xwiki Cryptpad Cross-site scripting (XSS) vulnerability in pad export in XWiki labs CryptPad before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the pad content | 4.3 |