CVE-2021-34817

Published July 19th, 2021

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

A Cross-Site Scripting (XSS) issue in the chat component of Etherpad 1.8.13 allows remote attackers to inject arbitrary JavaScript or HTML by importing a crafted pad.

ether/etherpad

Etherpad: A modern really-real-time collaborative document editor.

GitHub

18.4K