Kindsoft Kindeditor

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Kindsoft Kindeditor.

By the Year

In 2026 there have been 0 vulnerabilities in Kindsoft Kindeditor. Kindeditor did not have any published security vulnerabilities last year.

Year	Vulnerabilities	Average Score
2026	0	0.00
2025	0	0.00
2024	0	0.00
2023	1	6.10
2022	0	0.00
2021	4	6.78
2020	0	0.00
2019	1	6.10

It may take a day or so for new Kindeditor vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Kindsoft Kindeditor Security Vulnerabilities

XSS via content1 param in kindsoft KindEditor 4.1.12
CVE-2020-28717 6.1 - Medium - August 11, 2023

Cross Site Scripting (XSS) vulnerability in content1 parameter in demo.jsp in kindsoft kindeditor version 4.1.12, allows attackers to execute arbitrary code.

XSS

A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x
CVE-2021-42228 8.8 - High - October 14, 2021

A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html.

Session Riding

Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website
CVE-2021-42227 6.1 - Medium - October 14, 2021

Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed).

XSS

Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor
CVE-2021-37267 6.1 - Medium - September 28, 2021

Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor, which can be exploited by an attacker to obtain user cookie information.

XSS

Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12
CVE-2021-30086 6.1 - Medium - September 28, 2021

Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12, which can be exploited by an attacker to obtain user cookie information.

XSS

In KindEditor 4.1.11
CVE-2019-7543 6.1 - Medium - February 06, 2019

In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability.

XSS

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Kindsoft Kindeditor or by Kindsoft? Click the Watch button to subscribe.

Kindsoft
Vendor

Kindsoft Kindeditor
Product

Kindsoft Kindeditor

Don't miss out!

By the Year

Recent Kindsoft Kindeditor Security Vulnerabilities

XSS via content1 param in kindsoft KindEditor 4.1.12 CVE-2020-28717 6.1 - Medium - August 11, 2023

A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x CVE-2021-42228 8.8 - High - October 14, 2021

Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website CVE-2021-42227 6.1 - Medium - October 14, 2021

Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor CVE-2021-37267 6.1 - Medium - September 28, 2021

Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12 CVE-2021-30086 6.1 - Medium - September 28, 2021

In KindEditor 4.1.11 CVE-2019-7543 6.1 - Medium - February 06, 2019