CVE-2019-15302

The pad management logic in XWiki labs CryptPad before 3.0.0 allows a remote attacker who has access to a Rich Text pad with editing rights for the URL to corrupt it i.e., cause data loss via a trivial URL modification...