VulnerableCode Package Details - pkg:nuget/hawk.ueditor@1.4.3.4

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:nuget/hawk.ueditor@1.4.3.4

Essentials
History (2)

purl	pkg:nuget/hawk.ueditor@1.4.3.4

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-b1e5-v65k-4yh8	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') UEdit has XSS via the SRC attribute of an IFRAME element.	CVE-2017-14744
VCID-d1nm-tb92-uyfs	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Cross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an attacker to obtain user cookie information.	CVE-2021-37271

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:40:05.994755+00:00	GitLab Importer	Fixing	VCID-d1nm-tb92-uyfs	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/hawk.ueditor/CVE-2021-37271.yml	38.6.0
2026-06-02T04:37:07.112402+00:00	GitLab Importer	Fixing	VCID-b1e5-v65k-4yh8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/hawk.ueditor/CVE-2017-14744.yml	38.6.0