The pad management logic in XWiki labs CryptPad prior to 3.0.0 allows a remote attacker (who has access to a Rich Text pad with editing rights for the URL) to corrupt it (i.e., cause data loss) via a trivial URL modification.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xwiki cryptpad |