firepad@1.5.2 vulnerabilities

Collaborative text editing powered by Firebase

Direct Vulnerabilities

Known vulnerabilities in the firepad package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Information Exposure

firepad is a Collaborative text editing powered by Firebase

Affected versions of this package are vulnerable to Information Exposure through the document access feature. An attacker can retrieve both the current text and all historical content of a document by knowing the pad ID.

Notes:

  1. This is only exploitable if the attacker has knowledge of the pad ID.

  2. This vulnerability only affects products that are no longer supported by the maintainer.

How to fix Information Exposure?

There is no fixed version for firepad.

*