kindeditor
summary
Directory Traversal
affected versions
*
severity
7.5

Overview

kindeditor is a lightweight, Open Source(LGPL), cross browser, web based WYSIWYG HTML editor.

This package is vulnerable to Directory Traversal Attacks. A malicious user can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication.

References

Cash
$25
XP
750

Popularity
585

1.68K
0