Vulnerabilities > Baidu > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-01 CVE-2024-7342 Unrestricted Upload of File with Dangerous Type vulnerability in Baidu Ueditor
A vulnerability was found in Baidu UEditor 1.4.3.3.
network
low complexity
baidu CWE-434
6.1
2024-08-01 CVE-2024-7343 Cross-site Scripting vulnerability in Baidu Ueditor 1.4.2
A vulnerability was found in Baidu UEditor 1.4.2.
network
low complexity
baidu CWE-79
6.1
2022-12-22 CVE-2021-36631 Uncontrolled Search Path Element vulnerability in Baidu Baidunetdisk 7.4.3
Untrusted search path vulnerability in Baidunetdisk Version 7.4.3 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
baidu CWE-427
6.7
2021-09-28 CVE-2021-37271 Cross-site Scripting vulnerability in Baidu Ueditor 1.4.3.3
Cross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an attacker to obtain user cookie information.
network
low complexity
baidu CWE-79
5.4
2021-07-14 CVE-2020-18145 Cross-site Scripting vulnerability in Baidu Umeditor 1.2.3
Cross Site Scripting (XSS) vulnerability in umeditor v1.2.3 via /public/common/umeditor/php/getcontent.php.
network
low complexity
baidu CWE-79
6.1
2017-09-26 CVE-2017-14744 Cross-site Scripting vulnerability in Baidu Ueditor
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element.
network
low complexity
baidu CWE-79
6.1