← Back

Etherpad Lite

etherpad_lite

Vendor: Etherpad • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-9845
1Etherpad
1Etherpad Lite
Nov 21, 2024
Apr 29, 2018
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Etherpad Lite before 1.6.4 is exploitable for admin access.
CVE-2018-6834
1Etherpad
1Etherpad Lite
Nov 21, 2024
Feb 8, 2018
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
static/js/pad_utils.js in Etherpad Lite before v1.6.3 has XSS via window.location.href.