PT-2021-10788 · Etherpad · Etherpad

Fpoulaino

·

Published

2021-04-28

·

Updated

2021-05-05

·

CVE-2020-22781

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Etherpad versions prior to 1.8.3
Description A specially crafted URI can cause a denial of service by raising an unhandled exception in the cache mechanism, leading to a crash of the instance.
Recommendations For versions prior to 1.8.3, update to version 1.8.3 or later to resolve the issue.

Exploit

Fix

DoS

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2020-22781

Affected Products

Etherpad