2 matches found
CVE-2019-1010005
CVE-2019-1010005 affects HexoEditor v1.1.8-beta. The connected sources describe a cross-site scripting vulnerability that can lead to client-side code execution within the HexoEditor web application, arising from a lack of proper validation of client-side data by the web app. Exploitation details...
CVE-2022-24656
HexoEditor 1.1.8 is affected by Cross Site Scripting (XSS). A common XSS payload placed in a markdown file can execute when opened with the application, reportedly several times. The available documents consistently identify HexoEditor 1.1.8 as vulnerable to XSS, but do not provide a device-speci...