Vendor

Etherpad

Products

CVEs

Across products

Status

Private

Products

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2015-4085	Hig	0.49	7.5	0.00		Sep 7, 2017	Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1.
CVE-2015-3297	Hig	0.49	7.5	0.04		Jul 7, 2017	Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.1 through 1.5.2 allows remote attackers to read arbitrary files by leveraging replacement of backslashes with slashes in the path parameter of HTTP API requests.

CVE-2015-4085HigSep 7, 2017
risk 0.49cvss 7.5epss 0.00
Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1.
CVE-2015-3297HigJul 7, 2017
risk 0.49cvss 7.5epss 0.04
Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.1 through 1.5.2 allows remote attackers to read arbitrary files by leveraging replacement of backslashes with slashes in the path parameter of HTTP API requests.