3 matches found
KindEditor 4.1.11 - Cross-Site Scripting
KindEditor 4.1.11 contains a cross-site scripting vulnerability via the php/demo.php content1 parameter. id: CVE-2019-7543 info: name: KindEditor 4.1.11 - Cross-Site Scripting author: pikpikcu severity: medium description: KindEditor 4.1.11 contains a cross-site scripting vulnerability via the...
CVE-2019-7543
In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting XSS vulnerability...
CVE-2019-7543
KindEditor 4.1.11 is affected by a reflected XSS via the php/demo.php content1 parameter. The vulnerability allows an attacker to inject JavaScript that executes in the victim’s browser, potentially leading to session hijacking, defacement, or theft of sensitive information. Root cause: improper ...