KindEditor XSS Vulnerability: User Cookie Information Exposure

KindEditor XSS Vulnerability: User Cookie Information Exposure

CVE-2021-37267 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor, which can be exploited by an attacker to obtain user cookie information.

Learn more about our User Device Pen Test.