4 matches found
CVE-2024-53387
CVE-2024-53387 affects umeditor v1.2.3 and is described as a DOM Clobbering vulnerability that allows arbitrary code execution via a crafted HTML element. The root cause is a DOM clobber issue in the editor component; exploitation requires user interaction (per CVSS vector). Impact is high (C/H/I...
CVE-2020-18145
Cross Site Scripting XSS vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getcontent.php...
CVE-2020-18145
Cross Site Scripting XSS vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getcontent.php...
CVE-2020-18145
UMeditor 1.2.3 is affected by a Cross Site Scripting (XSS) vulnerability exploitable via /public/common/umeditor/php/getcontent.php. The issue originates from a flaw in how input is handled, enabling an attacker to inject and execute client-side code. Affected component/file: getcontent.php in um...