KindEditor 4.1.2 Cross Site Scripting

Risk: Low
Local: No
Remote: Yes

KindEditor 4.1.2 (name parameter) Reflected XSS Vulnerability Vendor: Shanghai Hao Yue Software Co., Ltd. Product web page: Affected version: 4.1.2 and 4.0.6 Summary: KindEditor online HTML editor is a set of open source, mainly for users on the site to get WYSIWYG editing effects, developers can replace the traditional multi-line text input box (textarea) KindEditor rich visualization text input box. Desc: KindEditor is prone to a reflected cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'name' parameter thru the 'index.php' script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session. --------------------------------- snip --------------------------------- /index.php: ---------- Line 14: editor = K.create('textarea[name="<?php echo $name; ?>"]', { --------------------------------- snip --------------------------------- Tested on: Microsoft Windows 7 Ultimate SP1 (EN) Apache 2.4.2 (Win32) PHP 5.4.4 MySQL 5.5.25a Vulnerability discovered by Gjoko 'LiquidWorm' Krstic @zeroscience Advisory ID: ZSL-2012-5100 Advisory URL: 21.08.2012 --- http://localhost/kindeditor/index.php?name=<pre><script>alert('XSS');</script>by ZSL!</pre>


Vote for this issue:


Thanks for you vote!


Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024,


Back to Top