Vulnerabilities > Baidu > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-01 | CVE-2024-7342 | Unrestricted Upload of File with Dangerous Type vulnerability in Baidu Ueditor A vulnerability was found in Baidu UEditor 1.4.3.3. | 6.1 |
| 2024-08-01 | CVE-2024-7343 | Cross-site Scripting vulnerability in Baidu Ueditor 1.4.2 A vulnerability was found in Baidu UEditor 1.4.2. | 6.1 |
| 2022-12-22 | CVE-2021-36631 | Uncontrolled Search Path Element vulnerability in Baidu Baidunetdisk 7.4.3 Untrusted search path vulnerability in Baidunetdisk Version 7.4.3 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 6.7 |
| 2021-09-28 | CVE-2021-37271 | Cross-site Scripting vulnerability in Baidu Ueditor 1.4.3.3 Cross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an attacker to obtain user cookie information. | 5.4 |
| 2021-07-14 | CVE-2020-18145 | Cross-site Scripting vulnerability in Baidu Umeditor 1.2.3 Cross Site Scripting (XSS) vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getcontent.php. | 6.1 |
| 2017-09-26 | CVE-2017-14744 | Cross-site Scripting vulnerability in Baidu Ueditor UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element. | 6.1 |