Количество 2
Количество 2
CVE-2021-25987
около 4 лет назад
Hexo versions 0.0.1 to 5.4.0 are vulnerable against stored XSS. The post “body” and “tags” don’t sanitize malicious javascript during web page generation. Local unprivileged attacker can inject arbitrary code.
CVSS3: 5
EPSS: Низкий
GHSA-q54r-r9pr-w7qv
около 4 лет назад
Hexo Vulnerable to XSS
CVSS3: 4.6
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-25987 Hexo versions 0.0.1 to 5.4.0 are vulnerable against stored XSS. The post “body” and “tags” don’t sanitize malicious javascript during web page generation. Local unprivileged attacker can inject arbitrary code. | CVSS3: 5 | 0% Низкий | около 4 лет назад |
| GHSA-q54r-r9pr-w7qv Hexo Vulnerable to XSS | CVSS3: 4.6 | 0% Низкий | около 4 лет назад |
Уязвимостей на страницу
20