6 matches found
CVE-2021-42227
Cross SIte Scripting XSS vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor the file suffix is allowed...
CVE-2021-42228
A Cross Site Request Forgery CSRF vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html...
Cross site request forgery (csrf)
A Cross Site Request Forgery CSRF vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html...
CVE-2021-42228
A Cross Site Request Forgery CSRF vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html...
CVE-2021-42227
Cross SIte Scripting XSS vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor the file suffix is allowed...
CVE-2021-42227
CVE-2021-42227 describes a cross‑site scripting (XSS) vulnerability in KindEditor 4.1.x . The weakness is triggered via the editor’s upload flow, specifically related to the file handling in the upload context (e.g., an upload_json.php path) and exposure through a Google search result pointing to...