Cross SIte Scripting (XSS) vulnerability exists in KindEditor 4.1.x via a Google search inurl:/examples/uploadbutton.html and then the .html file on the website that uses this editor (the file suffix is allowed).
{ "versions": [ { "introduced": "4.1" }, { "last_affected": "4.1.12" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-42227.json"