4 matches found
SUSE CVE-2018-6835
node/hooks/express/apicalls.js in Etherpad Lite before v1.6.3 mishandles JSONP, which allows remote attackers to bypass intended access restrictions...
CVE-2018-6835
node/hooks/express/apicalls.js in Etherpad Lite before v1.6.3 mishandles JSONP, which allows remote attackers to bypass intended access restrictions...
CVE-2018-6835
node/hooks/express/apicalls.js in Etherpad Lite before v1.6.3 mishandles JSONP, which allows remote attackers to bypass intended access restrictions...
CVE-2018-6835
Etherpad Lite before v1.6.3 contains a vulnerability in node/hooks/express/apicalls.js where JSONP is mishandled, allowing remote attackers to bypass intended access restrictions. The issue is tied to CVE-2018-6835. Affected software/version details from connected sources indicate the fix was rel...