6.1CVSS
6AI Score
0.001EPSS
Cross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an attacker to obtain user cookie information.
5.4CVSS
5.2AI Score
0.001EPSS
A vulnerability was found in Baidu UEditor 1.4.3.3. It has been classified as problematic. This affects an unknown part of the file /ueditor/php/controller.php?action=uploadfile&encode=utf-8. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the attack...
6.1CVSS
4AI Score
0.001EPSS
A vulnerability was found in Baidu UEditor 1.4.2. It has been declared as problematic. This vulnerability affects unknown code of the file /ueditor142/php/controller.php?action=catchimage. The manipulation of the argument source[] leads to cross site scripting. The attack can be initiated remotely....
6.1CVSS
3.8AI Score
0.001EPSS