Ueditor Security Vulnerabilities and Issues — Ueditor CVE List

Lucene search

BaiduUeditor

4 matches found

CVE•added 2024/08/01 5:15 a.m.•63 views

CVE-2024-7342

A vulnerability was found in Baidu UEditor 1.4.3.3. It has been classified as problematic. This affects an unknown part of the file /ueditor/php/controller.php?action=uploadfile&encode=utf-8. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the attack...

6.1CVSS4AI score0.00118EPSS

CVE•added 2017/09/26 6:29 a.m.•49 views

CVE-2017-14744

UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element.

6.1CVSS6AI score0.00301EPSS

CVE•added 2024/08/01 5:15 a.m.•45 views

CVE-2024-7343

A vulnerability was found in Baidu UEditor 1.4.2. It has been declared as problematic. This vulnerability affects unknown code of the file /ueditor142/php/controller.php?action=catchimage. The manipulation of the argument source[] leads to cross site scripting. The attack can be initiated remotely....

6.1CVSS3.8AI score0.00099EPSS

CVE•added 2021/09/28 7:15 p.m.•32 views

CVE-2021-37271

Cross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an attacker to obtain user cookie information.

5.4CVSS5.2AI score0.00206EPSS