CVE-2019-15302

Name of the Vulnerable Software and Affected Versions XWiki labs CryptPad versions prior to 3.0.0

Description The issue concerns the pad management logic, allowing a remote attacker with editing rights for a Rich Text pad's URL to cause data loss through a simple URL modification.

Recommendations For versions prior to 3.0.0, update to version 3.0.0 or later to resolve the issue.