Описание
Cross site scripting in kindeditor
Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed).
Пакеты
Наименование
kindeditor
npm
Затронутые версииВерсия исправления
<= 4.1.12
Отсутствует
Связанные уязвимости
CVSS3: 6.1
nvd
больше 4 лет назад
Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed).