Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2021/10/18 7:44 p.m.45 views

Cross Site Request Forgery in kindeditor

Cross Site Request Forgery CSRF vulnerability exists in KindEditor 4.1.x. First, you upload an html file containing csrf on the website that uses a google editor, you only need to search in google: inurl:/examples/uploadbutton.html and then use the authority of this website to trick users into...

8.8CVSS0.9AI score0.00957EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2021/10/14 5:15 p.m.25 views

CVE-2021-42228

A Cross Site Request Forgery CSRF vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html...

8.8CVSS0.00957EPSS
Exploits1References1
OSV
OSV
added 2021/10/14 5:15 p.m.21 views

CVE-2021-42228

A Cross Site Request Forgery CSRF vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html...

8.8CVSS8.8AI score
Exploits0References1
Cvelist
Cvelist
added 2021/10/14 4:38 p.m.33 views

CVE-2021-42228

A Cross Site Request Forgery CSRF vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html...

9.1AI score0.00957EPSS
Exploits1References1
CVE
CVE
added 2021/10/14 4:38 p.m.64 views

CVE-2021-42228

CVE-2021-42228 describes a Cross Site Request Forgery (CSRF) vulnerability in KindEditor 4.1.x, demonstrated by examples/uploadbutton.html. The CVE is corroborated across multiple records (NVD, CVE List, GHSA, OSV, CNVD, CNNVD) with consistent wording that the editor is vulnerable to CSRF. No con...

8.8CVSS8.8AI score0.00957EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder