Filtered by vendor Kindsoft
Subscriptions
Filtered by product Kindeditor
Subscriptions
Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-1002024 | 1 Kindsoft | 2 Kind Editor, Kindeditor | 2024-09-17 | N/A |
| Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/upload_json.php does not check authentication before allow users to upload files. | ||||
| CVE-2019-7543 | 1 Kindsoft | 1 Kindeditor | 2024-09-17 | N/A |
| In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability. | ||||
| CVE-2020-28717 | 1 Kindsoft | 1 Kindeditor | 2024-08-04 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability in content1 parameter in demo.jsp in kindsoft kindeditor version 4.1.12, allows attackers to execute arbitrary code. | ||||
| CVE-2021-42227 | 1 Kindsoft | 1 Kindeditor | 2024-08-04 | 6.1 Medium |
| Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed). | ||||
| CVE-2021-42228 | 1 Kindsoft | 1 Kindeditor | 2024-08-04 | 8.8 High |
| A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html. | ||||
| CVE-2021-37267 | 1 Kindsoft | 1 Kindeditor | 2024-08-04 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor, which can be exploited by an attacker to obtain user cookie information. | ||||
| CVE-2021-30086 | 1 Kindsoft | 1 Kindeditor | 2024-08-03 | 6.1 Medium |
| Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12, which can be exploited by an attacker to obtain user cookie information. | ||||
Page 1 of 1.