hexo-admin@1.1.2 vulnerabilities
Adds an admin section to the hexo server
-
latest version
2.3.0
-
first published
11 years ago
-
latest version published
7 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the hexo-admin package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
hexo-admin is an Admin Interface for Hexo. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the content of a post. It an attacker to embed a malicious script into a vulnerable page, which is then executed when a victim views the page. How to fix Cross-site Scripting (XSS)? There is no fixed version for |
*
|
hexo-admin is an Admin Interface for Hexo. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It fails to sanitize rendered markdown, allowing attackers to execute arbitrary JavaScript in a victim's browser if they are able to create new posts. How to fix Cross-site Scripting (XSS)? There is no fixed version for |
*
|