CVE-2021-34816

Published July 21st, 2021

View on NVD ↗

CVSS v3

7.2

HIGH

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

An Argument Injection issue in the plugin management of Etherpad 1.8.13 allows privileged users to execute arbitrary code on the server by installing plugins from an attacker-controlled source.

ether/etherpad

Etherpad: A modern really-real-time collaborative document editor.

GitHub

18.4K