4 matches found
EUVD-2018-5967
Malware in sbrugna...
CVE-2018-14037
CVE-2018-14037 is a cross-site scripting vulnerability in Progress Kendo UI Editor v2018.1.221. The issue arises from the editorNS.Serializer toEditableHtml function in kendo.all.min.js, enabling an attacker to inject arbitrary JavaScript into the editor’s DOM. If a victim loads the editor, the p...
Progress Kendo UI Editor 2018.1.221 Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored Cross-Site Scripting product: Progress Kendo UI Editor vulnerable version: v2018.1.221 fixed version: none, see workaround CVE number: CVE-2018-14037 impact: mediu...
Progress Kendo UI Editor Cross-Site Scripting Vulnerability
Progress Kendo UI Editor is a complete UI toolkit for web development. A cross-site scripting vulnerability exists in Progress Kendo UI Editor that allows an attacker to execute JavaScript within the context of the editor itself...