- Description
- Firepad through 1.5.11 allows remote attackers, who have knowledge of a pad ID, to retrieve both the current text of a document and all content that has previously been pasted into the document. NOTE: in several similar products, this is the intentional behavior for anyone who knows the full document ID and corresponding URL. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
- CNA Tags
- unsupported-when-assigned
CVSS 3.1
- Type
- Secondary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-125
- Hype score
- Not currently trending
CVE-2024-51210 Firepad Remote Data Retrieval Vulnerability in Unsupported Versions Firepad up to version 1.5.11 has a vulnerability. Attackers can get the current text and all pasted content from a document if th... https://t.co/isjRlc3TZo
@VulmonFeeds
4 Dec 2024
37 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-51210 Firepad through 1.5.11 allows remote attackers, who have knowledge of a pad ID, to retrieve both the current text of a document and all content that has previously be… https://t.co/Pmv8dq0W1R
@CVEnew
4 Dec 2024
424 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
1 Quote