Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor, which can be exploited by an malicious user to obtain user cookie information.
kindsoft kindeditor -