kindeditor is vulnerable to directory traversal attacks. The vulnerability exists in php/upload_json.php
where directory information can be listed in the kindeditor/attached/
folder via the path
parameter.
CPE | Name | Operator | Version |
---|---|---|---|
kindeditor | eq | 4.1.10 | |
kind-editor | le | 4.1.11 |