org.webjars.bowergithub.kindsoft:kindeditor@4.1.12 vulnerabilities
-
latest version
4.1.12
-
first published
5 years ago
-
latest version published
5 years ago
-
licenses detected
- [4.1.12,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.webjars.bowergithub.kindsoft:kindeditor package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization passed into the How to fix Cross-site Scripting (XSS)? There is no fixed version for |
[0,)
|
Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) via a malicious HTML file being uploaded to a website that uses google editor. Note: This requires a victim to click on the generated malicious link. How to fix Cross-site Request Forgery (CSRF)? There is no fixed version for |
[0,)
|
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via a Google search of How to fix Cross-site Scripting (XSS)? There is no fixed version for |
[0,)
|
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via an unknown attack vector, affecting the Chinese versions of KindEditor. This can be exploited by an attacker to obtain user cookie information. How to fix Cross-site Scripting (XSS)? There is no fixed version for |
[0,)
|
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via an unknown attack vector. This can be exploited by an attacker to obtain user cookie information. How to fix Cross-site Scripting (XSS)? There is no fixed version for |
[0,)
|
kindeditor is a lightweight, Open Source(LGPL), cross browser, web based WYSIWYG HTML editor. Affected versions of this package are vulnerable to Directory Traversal Attacks. A malicious user can browse a file or directory in the How to fix Directory Traversal? There is no fix version for |
[0,)
|