Lucene search
K

7 matches found

NVD
NVD
added 2019/09/11 9:15 p.m.17 views

CVE-2019-15302

The pad management logic in XWiki labs CryptPad before 3.0.0 allows a remote attacker who has access to a Rich Text pad with editing rights for the URL to corrupt it i.e., cause data loss via a trivial URL modification...

6.5CVSS6.4AI score0.01358EPSS
Exploits0References2
OSV
OSV
added 2019/09/11 9:15 p.m.23 views

CVE-2019-15302

The pad management logic in XWiki labs CryptPad before 3.0.0 allows a remote attacker who has access to a Rich Text pad with editing rights for the URL to corrupt it i.e., cause data loss via a trivial URL modification...

6.5CVSS6.8AI score
Exploits0References2
Prion
Prion
added 2019/09/11 9:15 p.m.21 views

Design/Logic Flaw

The pad management logic in XWiki labs CryptPad before 3.0.0 allows a remote attacker who has access to a Rich Text pad with editing rights for the URL to corrupt it i.e., cause data loss via a trivial URL modification...

5.5CVSS6.4AI score0.01358EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/09/11 8:38 p.m.19 views

CVE-2019-15302

The pad management logic in XWiki labs CryptPad before 3.0.0 allows a remote attacker who has access to a Rich Text pad with editing rights for the URL to corrupt it i.e., cause data loss via a trivial URL modification...

6.4AI score0.01358EPSS
Exploits0References2
CVE
CVE
added 2019/09/11 8:38 p.m.46 views

CVE-2019-15302

The CVE-2019-15302 issue affects XWiki Labs CryptPad prior to 3.0.0. The pad management logic for Rich Text pads allows a remote attacker with editing rights for a pad’s URL to corrupt the pad (data loss) via a trivial URL modification. The description notes the vulnerability outcome as data loss...

6.5CVSS6.3AI score0.01358EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/07/17 1:18 p.m.24 views

CVE-2017-1000051

Cross-site scripting XSS vulnerability in pad export in XWiki labs CryptPad before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the pad content...

6.1CVSS5.9AI score
Exploits0References2
CVE
CVE
added 2017/07/13 8:0 p.m.66 views

CVE-2017-1000051

CVE-2017-1000051 is a cross-site scripting (XSS) vulnerability in CryptPad’s pad export feature for XWiki Labs CryptPad versions before 1.1.1. The issue allows remote attackers to inject arbitrary web script or HTML via the pad content. Public descriptions confirm the affected component is the pa...

6.1CVSS6AI score0.01157EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder