Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown
CVE-2020-28717
Disclosure Date: August 11, 2023 (last updated February 25, 2025)
Cross Site Scripting (XSS) vulnerability in content1 parameter in demo.jsp in kindsoft kindeditor version 4.1.12, allows attackers to execute arbitrary code.
0
Attacker Value
Unknown
CVE-2021-42228
Disclosure Date: October 14, 2021 (last updated February 23, 2025)
A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html.
0
Attacker Value
Unknown
CVE-2021-42227
Disclosure Date: October 14, 2021 (last updated February 23, 2025)
Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed).
0
Attacker Value
Unknown
CVE-2021-37267
Disclosure Date: September 28, 2021 (last updated February 23, 2025)
Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor, which can be exploited by an attacker to obtain user cookie information.
0
Attacker Value
Unknown
CVE-2021-30086
Disclosure Date: September 28, 2021 (last updated February 23, 2025)
Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12, which can be exploited by an attacker to obtain user cookie information.
0
Attacker Value
Unknown
CVE-2019-7543
Disclosure Date: February 06, 2019 (last updated November 27, 2024)
In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability.
0
Attacker Value
Unknown
CVE-2017-1002024
Disclosure Date: September 14, 2017 (last updated November 26, 2024)
Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/upload_json.php does not check authentication before allow users to upload files.
0
