Vulnerabilities > Kindsoft > Kindeditor > 4.1.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-14 | CVE-2021-42227 | Cross-site Scripting vulnerability in Kindsoft Kindeditor Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed). | 4.3 |
| 2021-10-14 | CVE-2021-42228 | Cross-Site Request Forgery (CSRF) vulnerability in Kindsoft Kindeditor A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html. | 6.8 |