In Etherpad < 1.8.3, a specially crafted URI would raise an unhandled exception in the cache mechanism and cause a denial of service (crash the instance). Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22781 Reference (s):
- https://github.com/ether/etherpad-lite/issues/3502