CVE-2021-37267

Cross Site Scripting XSS vulnerability exists in all versions of KindEditor, which can be exploited by an attacker to obtain user cookie information...

CVE-2021-42227

Cross SIte Scripting XSS vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor the file suffix is allowed...

Reflective Cross-Site Scripting Vulnerability in Kindeditor

KindEditor is a set of open source online HTML editor . Kindeditor suffers from a reflective cross-site scripting vulnerability. Allows an attacker to construct XSS statements , pop-up box operation , to obtain user cookies and other information...

KindEditor 4.1.2 Cross Site Scripting

KindEditor 4.1.2 name parameter Reflected XSS Vulnerability Vendor: Shanghai Hao Yue Software Co., Ltd. Product web page: http://www.kindeditor.net Affected version: 4.1.2 and 4.0.6 Summary: KindEditor online HTML editor is a set of open source, mainly for users on the site to get WYSIWYG editing...

KindEditor 3.5.5 遍历目录漏洞

No description provided by source. 1.http://localhost/67cms/kindeditor/php/filemanagerjson.php?path=/ //path=/，爆出绝对路径D:\AppServ\www\67cms\kindeditor\php\filemanagerjson.php 2.http://localhost/67cms/kindeditor/php/filemanagerjson.php?path=AppServ/www/67cms/ //根据爆出的绝对路径，修改path的值为AppServ/www/67cms/...