Vulnerability Details CVE-2019-18209
templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as demonstrated by Internet Explorer.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 47.5%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References