Title:Etherpad Lite 安全漏洞 (CVE-2018-9845) Description:Etherpad Lite是Etherpad基金会的一套开源的富文本在线协作软件。 Etherpad Lite 1.6.4之前版本中的webaccess.js文件存在安全漏洞。远程攻击者可通过发送特制的请求利用该漏洞绕过安全限制,获取系统的管理权限。
Description
Etherpad Lite before 1.6.4 is exploitable for admin access.
File Snapshot
id: CVE-2018-9845
info:
name: Etherpad Lite <1.6.4 - Admin Authentication Bypass
author: philip
...
Shenlong Bot has cached this for you
Remarks
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.