First published: Sat Oct 19 2019(Updated: )
templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Etherpad Etherpad | =1.7.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.