Skip to main content

Vditor

4 CVEs product

Monthly

CVE-2024-39150 MEDIUM This Month

vditor v.3.9.8 and before is vulnerable to Arbitrary file read via a crafted data packet. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Vditor
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2024-34449 npm MEDIUM POC This Month

Vditor 3.10.3 allows XSS via an attribute of an A element. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Vditor
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2022-0350 npm MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.13. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Vditor
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-0341 npm MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.12. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Vditor
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
EPSS 0% CVSS 5.9
MEDIUM This Month

vditor v.3.9.8 and before is vulnerable to Arbitrary file read via a crafted data packet. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Vditor
NVD
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Vditor 3.10.3 allows XSS via an attribute of an A element. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Vditor
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.13. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Vditor
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.12. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Vditor
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy