Filtered by vendor Hexo
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-39584 | 1 Hexo | 1 Hexo | 2024-09-26 | 7.5 High |
Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file read vulnerability. | ||||
CVE-2021-25987 | 1 Hexo | 1 Hexo | 2024-08-03 | 5 Medium |
Hexo versions 0.0.1 to 5.4.0 are vulnerable against stored XSS. The post “body” and “tags” don’t sanitize malicious javascript during web page generation. Local unprivileged attacker can inject arbitrary code. |
Page 1 of 1.