CVE-2025-5010 | moonlightL hexo-boot 4.3.0 Blog Backend /admin/home/index.html Description cross site scripting

Inserito da Angelo Barbosa | Mag 20, 2025 | CVE

A vulnerability classified as problematic has been found in moonlightL hexo-boot 4.3.0. This affects an unknown part of the file /admin/home/index.html of the component Blog Backend. The manipulation of the argument Description leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-5010. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2025-5010 | moonlightL hexo-boot 4.3.0 Blog Backend /admin/home/index.html Description cross site scripting

Post correlati

CVE-2025-26467 | Apache Cassandra 4.0.16 permission

CVE-2024-6964 | Tenda O3 1.0.0.10 fromDhcpSetSer dhcpEn/startIP/endIP/preDNS/altDNS/mask/gateway stack-based overflow

CVE-2024-56231 | Debuggers Studio SaasPricing Plugin up to 1.1.4 on WordPress cross site scripting

CVE-2024-47826 | eLabFTW up to 5.1.4 experiments.php cross site scripting (GHSA-cjww-pr9f-4c4w)