CVE-2023-38487 - HedgeDoc “Note Hiding” Exploit—How Alias Collisions Can Block Access, Enable Phishing, and Denial of Service
Summary:
CVE-2023-38487 exposes a subtle but impactful vulnerability in HedgeDoc, the collaborative markdown note-taking tool. Before version 1.9.9, misuse of its freeURL feature