VYPR

Kindeditor

by Kindsoft

Source repositories

CVEs (2)

  • CVE-2020-28717MedAug 11, 2023
    risk 0.40cvss 6.1epss 0.00

    Cross Site Scripting (XSS) vulnerability in content1 parameter in demo.jsp in kindsoft kindeditor version 4.1.12, allows attackers to execute arbitrary code.

  • CVE-2017-1002024MedSep 14, 2017
    risk 0.28cvss 4.3epss 0.01

    Vulnerability in web application Kind Editor v4.1.12, kindeditor/php/upload_json.php does not check authentication before allow users to upload files.