Vulnerabilities > Baidu > Ueditor

DATE CVE VULNERABILITY TITLE RISK
2024-08-01 CVE-2024-7342 Unrestricted Upload of File with Dangerous Type vulnerability in Baidu Ueditor
A vulnerability was found in Baidu UEditor 1.4.3.3.
network
low complexity
baidu CWE-434
6.1
2024-08-01 CVE-2024-7343 Cross-site Scripting vulnerability in Baidu Ueditor 1.4.2
A vulnerability was found in Baidu UEditor 1.4.2.
network
low complexity
baidu CWE-79
6.1
2021-09-28 CVE-2021-37271 Cross-site Scripting vulnerability in Baidu Ueditor 1.4.3.3
Cross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an attacker to obtain user cookie information.
network
baidu CWE-79
3.5
2017-09-26 CVE-2017-14744 Cross-site Scripting vulnerability in Baidu Ueditor
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element.
network
baidu CWE-79
4.3