[Suggested description]
Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via
a Google search inurl:/examples/uploadbutton.html and then the .html
file on the website that uses this editor (the file suffix is allowed).
[Attack Vectors]
You just need to search in google: inurl:/examples/uploadbutton.html,
Then upload the .html file on the website that uses this editor (the file suffix is allowed)
The text was updated successfully, but these errors were encountered:
The text was updated successfully, but these errors were encountered: