Product:

Kindeditor

(Kindsoft)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 7
Date Id Summary Products Score Patch Annotated
2021-09-28 CVE-2021-30086 Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12, which can be exploited by an attacker to obtain user cookie information. Kindeditor 6.1
2021-09-28 CVE-2021-37267 Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor, which can be exploited by an attacker to obtain user cookie information. Kindeditor 6.1
2021-10-14 CVE-2021-42227 Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed). Kindeditor 6.1
2021-10-14 CVE-2021-42228 A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html. Kindeditor 8.8
2023-08-11 CVE-2020-28717 Cross Site Scripting (XSS) vulnerability in content1 parameter in demo.jsp in kindsoft kindeditor version 4.1.12, allows attackers to execute arbitrary code. Kindeditor 6.1
2017-09-14 CVE-2017-1002024 Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/upload_json.php does not check authentication before allow users to upload files. Kind_editor, Kindeditor 4.3
2019-02-06 CVE-2019-7543 In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability. Kindeditor 6.1