CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Kindsoft: >> Kindeditor >> 4.1.1 Security Vulnerabilities

CVE-2021-42227

Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed).

CVSS Score

6.1

EPSS Score

0.003

Published

2021-10-14

CVE-2021-42228

A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html.

CVSS Score

8.8

EPSS Score

0.002

Published

2021-10-14

Page 1

Vulnerabilities

Vulnerable Software

Kindsoft: >> Kindeditor >> 4.1.1 Security Vulnerabilities

Products

Pricing

Contact Us