2 matches found
CVE-2017-14744
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element...
CVE-2017-14744
UEditor 1.4.3.3 is vulnerable to cross-site scripting via the SRC attribute of an IFRAME element. The issue is documented across multiple sources (NVD, CNVD, Red Hat, CVE lists) and is consistently described as an XSS in Baidu/UEditor, with no explicit remediation or patch version provided in the...