CVE-2025-5011 | moonlightL hexo-boot 4.3.0 Dynamic List Page /admin/home/index.html cross site scripting

Inserito da Angelo Barbosa | Mag 20, 2025 | CVE

A vulnerability classified as problematic was found in moonlightL hexo-boot 4.3.0. This vulnerability affects unknown code of the file /admin/home/index.html of the component Dynamic List Page. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2025-5011. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-5011 | moonlightL hexo-boot 4.3.0 Dynamic List Page /admin/home/index.html cross site scripting

Post correlati

CVE-2025-4473 | Frontend Dashboard Plugin up to 1.0/1.5.10/2.2.7 on WordPress ajax_request authorization

CVE-2024-13753 | webcodingplace Ultimate Classified Listings Plugin up to 1.4 on WordPress update_profile cross-site request forgery

CVE-2024-11644 | WP-SVG Plugin up to 0.9 on WordPress Shortcode Attribute cross site scripting

CVE-2024-5338 | Ruijie RG-UAC up to 20240516 online.php peernode os command injection