CVE-2019-17606
The Post editor functionality in the hexo-admin plugin versions 2.3.0 and earlier for Node.js is vulnerable to stored XSS via the content of a post.
6.1CVSS
5.8AI Score
0.001EPSS