Re: [Questions] Vulnerability Report for unauth-etherpad

[Ben Wilson]

Forwarding to Infrastructure Subcommittee for discussion.

On Mon, Feb 24, 2025 at 5:59 AM Herry Poter <cabrows...@gmail.com> wrote:

Hello Team,

I found a security issue in your system.

Vulnerability Type: unauth-etherpad
Severity: [low]
URL: https://scratchpad.cabforum.org

Info: name: Unauthenticated Etherpad
  author: philippedelteil
  severity: low
  description: |
    Finds Etherpad instances that allow adding new notes without authentication.
  classification:
    cpe: cpe:2.3:a:etherpad:etherpad:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: etherpad
    product: etherpad
    shodan-query: http.html:"index.createOpenPad"

Best Regards,
Root

To unsubscribe from this group and stop receiving emails from it, send an email to questions+...@groups.cabforum.org.