Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-42228 | 1 Kindsoft | 1 Kindeditor | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html. | |||||
| CVE-2021-42227 | 1 Kindsoft | 1 Kindeditor | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed). | |||||
| CVE-2021-37267 | 1 Kindsoft | 1 Kindeditor | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor, which can be exploited by an attacker to obtain user cookie information. | |||||
| CVE-2021-30086 | 1 Kindsoft | 1 Kindeditor | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12, which can be exploited by an attacker to obtain user cookie information. | |||||
| CVE-2019-7543 | 1 Kindsoft | 1 Kindeditor | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability. | |||||
| CVE-2017-1002024 | 1 Kindsoft | 2 Kind Editor, Kindeditor | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/upload_json.php does not check authentication before allow users to upload files. | |||||
| CVE-2020-28717 | 1 Kindsoft | 1 Kindeditor | 2024-02-28 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in content1 parameter in demo.jsp in kindsoft kindeditor version 4.1.12, allows attackers to execute arbitrary code. | |||||