5 matches found
EUVD-2022-3913
Malicious code in bioql PyPI...
CVE-2019-17606
The Post editor functionality in the hexo-admin plugin versions 2.3.0 and earlier for Node.js is vulnerable to stored XSS via the content of a post...
hexo-admin plugin for Node.js cross-site scripting vulnerability
hexo-admin plugin for Node.js is a backend administration plugin for use in Node.js. A cross-site scripting vulnerability exists in the Post editor feature in hexo-admin plugin for Node.js version 2.3.0 and earlier, which stems from the lack of proper validation of client-side data in a web...
CVE-2019-17606
The Post editor functionality in the hexo-admin plugin versions 2.3.0 and earlier for Node.js is vulnerable to stored XSS via the content of a post...
CVE-2019-17606
CVE-2019-17606 : The hexo-admin plugin for Node.js (versions ≤ 2.3.0) is vulnerable to stored cross-site scripting via the content of a post in the Post editor. The root cause is lack of proper validation/escaping of user-supplied content, allowing an attacker to inject arbitrary JavaScript that ...