Denial of Service Vulnerability in Etherpad < 1.8.3

Denial of Service Vulnerability in Etherpad < 1.8.3

CVE-2020-22785 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Etherpad < 1.8.3 is affected by a missing lock check which could cause a denial of service. Aggressively targeting random pad import endpoints with empty data would flatten all pads due to lack of rate limiting and missing ownership check.

Learn more about our Web Application Penetration Testing UK.