Lucene search
+L

12 matches found

redhatcve
redhatcve
added 2025/05/23 6:48 a.m.9 views

CVE-2024-51210

Firepad through 1.5.11 allows remote attackers, who have knowledge of a pad ID, to retrieve both the current text of a document and all content that has previously been pasted into the document. NOTE: in several similar products, this is the intentional behavior for anyone who knows the full...

5.3CVSS6.9AI score0.00487EPSS
Exploits0References1
veracode
veracode
added 2024/12/11 8:26 a.m.9 views

Sensitive Information Exposure

Firepad is vulnerable to Sensitive Information Exposure. The vulnerability is due to improper access controls, allowing attackers with knowledge of a pad ID to retrieve the current document text and all previously pasted content...

5.3CVSS6.6AI score0.00487EPSS
Exploits0References4Affected Software1
vulnersosv
vulnersosv
added 2024/12/04 9:30 p.m.6 views

custom-firepad-toolbar (>=1.0.0 <=1.0.3), devshare (>=0.1.0 <=0.4.0-alpha) +5 more potentially affected by CVE-2024-51210 via firepad (>=1.3.0 <=1.5.11)

firepad NPM version =1.3.0, =1.0.0, =0.1.0, =0.0.50, =0.5.1, =0.9.9 - redux-devshare =0.3.0 Source cves: CVE-2024-51210 Source advisory: OSV:GHSA-4FH7-M2WX-6WFM...

5.3CVSS5.8AI score0.00487EPSS
Exploits0
osv
osv
added 2024/12/04 9:30 p.m.2 views

GHSA-4FH7-M2WX-6WFM Firepad allows insecure document access

Firepad through 1.5.11 allows remote attackers, who have knowledge of a pad ID, to retrieve both the current text of a document and all content that has previously been pasted into the document. NOTE: in several similar products, this is the intentional behavior for anyone who knows the full...

6.3CVSS5.9AI score0.00487EPSS
Exploits0References5
github
github
added 2024/12/04 9:30 p.m.20 views

Firepad allows insecure document access

Firepad through 1.5.11 allows remote attackers, who have knowledge of a pad ID, to retrieve both the current text of a document and all content that has previously been pasted into the document. NOTE: in several similar products, this is the intentional behavior for anyone who knows the full...

5.3CVSS7.2AI score0.00487EPSS
Exploits0References5Affected Software1
nvd
nvd
added 2024/12/04 9:15 p.m.19 views

CVE-2024-51210

Firepad through 1.5.11 allows remote attackers, who have knowledge of a pad ID, to retrieve both the current text of a document and all content that has previously been pasted into the document. NOTE: in several similar products, this is the intentional behavior for anyone who knows the full...

5.3CVSS0.00487EPSS
Exploits0References3
cve
cve
added 2024/12/04 12:0 a.m.71 views

CVE-2024-51210

Firepad 1.5.11 and earlier versions are affected. Remote attackers who know a pad ID can retrieve the current document text and all previously pasted content due to an access-control vulnerability; several listings note this behavior is intentional for known document IDs/URLs. The maintainer-stat...

5.3CVSS7AI score0.00487EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2024/12/04 12:0 a.m.12 views

CVE-2024-51210

Firepad through 1.5.11 allows remote attackers, who have knowledge of a pad ID, to retrieve both the current text of a document and all content that has previously been pasted into the document. NOTE: in several similar products, this is the intentional behavior for anyone who knows the full...

6.9AI score0.00487EPSS
Exploits0References3
cvelist
cvelist
added 2024/12/04 12:0 a.m.29 views

CVE-2024-51210

Firepad through 1.5.11 allows remote attackers, who have knowledge of a pad ID, to retrieve both the current text of a document and all content that has previously been pasted into the document. NOTE: in several similar products, this is the intentional behavior for anyone who knows the full...

0.00487EPSS
Exploits0References3
cnnvd
cnnvd
added 2024/12/04 12:0 a.m.5 views

Firepad 安全漏洞

Firepad is an open source collaborative code and text editor from FirebaseExtended Open Source. A security vulnerability exists in Firepad 1.5.11 and earlier versions, which stems from a vulnerability that allows a remote attacker who knows the pad ID to retrieve the current text of a document, a...

5.3CVSS6.7AI score0.00487EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2024/12/04 12:0 a.m.9 views

PT-2024-34563 · Firepad · Firepad

Name of the Vulnerable Software and Affected Versions: Firepad versions 1.5.11 and earlier Description: The issue allows remote attackers, who have knowledge of a pad ID, to retrieve both the current text of a document and all content that has previously been pasted into the document. This behavi...

5.3CVSS7AI score0.00487EPSS
Exploits0References10
osv
osv
added 2024/12/04 12:0 a.m.9 views

CVE-2024-51210

Firepad through 1.5.11 allows remote attackers, who have knowledge of a pad ID, to retrieve both the current text of a document and all content that has previously been pasted into the document. NOTE: in several similar products, this is the intentional behavior for anyone who knows the full...

5.3CVSS5.3AI score0.00487EPSS
Exploits0References5
Rows per page
Query Builder