CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-34816

An Argument Injection issue in the plugin management of Etherpad 1.8.13 allows privileged users to execute arbitrary code on the server by installing plugins from an attacker-controlled source.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.5%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

https://blog.sonarsource.com/etherpad-code-execution-vulnerabilities
https://github.com/ether/etherpad-lite/releases
https://blog.sonarsource.com/etherpad-code-execution-vulnerabilities
https://github.com/ether/etherpad-lite/releases

Products affected by CVE-2021-34816

Etherpad » Etherpad » Version: 1.8.13

cpe:2.3:a:etherpad:etherpad:1.8.13

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-34816

Products

Pricing

Contact Us