CVE-2015-2298
The vulnerability CVE-2015-2298 affects Etherpad Lite 1.5.x prior to 1.5.2, specifically in node/utils/ExportEtherpad.js. A flawed substring check when exporting a padID can allow a remote attacker to obtain sensitive information from the pad. This is a client-tolerated information disclosure ris...