CVE-2015-2298

2018-01-12T17:29:00
ID CVE-2015-2298
Type cve
Reporter cve@mitre.org
Modified 2018-01-29T13:31:00

Description

node/utils/ExportEtherpad.js in Etherpad 1.5.x before 1.5.2 might allow remote attackers to obtain sensitive information by leveraging an improper substring check when exporting a padID.