KindEditor 4.1.12 (Chinese versions) XSS Vulnerability: Cookie Information Disclosure

KindEditor 4.1.12 (Chinese versions) XSS Vulnerability: Cookie Information Disclosure

CVE-2021-30086 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12, which can be exploited by an attacker to obtain user cookie information.

Learn more about our User Device Pen Test.