CVE-2020-22783

Etherpad <1.8.3 stored passwords used by users insecurely in the database and in log files. This affects every database backend supported by Etherpad.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
VendorProductVersion
etherpadetherpad
𝑥
< 1.8.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/ether/etherpad-lite/commit/53f126082a8b3d094e48b159f0f0bc8a5db4b2f4
https://github.com/ether/etherpad-lite/issues/3421
https://github.com/ether/etherpad-lite/commit/53f126082a8b3d094e48b159f0f0bc8a5db4b2f4
https://github.com/ether/etherpad-lite/issues/3421