| Title | https://gitee.com/moonlightL https://gitee.com/moonlightL/hexo-boot hexo-boot-4.3.0 Improper Neutralization of Alternate XSS Syntax |
|---|
| Description | The hexo-boot-4.3.0 blog backend has an XSS vulnerability. Attackers can construct payloads to bypass filtering, achieve XSS pop-ups, and cause the leakage of victims' privacy and cookies. |
|---|
| Source | ⚠️ https://github.com/trengh222/hexo-boot-xss2.0 |
|---|
| User | trengh (UID 85464) |
|---|
| Submission | 05/19/2025 10:41 (1 Year ago) |
|---|
| Moderation | 05/20/2025 15:49 (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 309664 [moonlightL hexo-boot 4.3.0 Dynamic List Page /admin/home/index.html cross site scripting] |
|---|
| Points | 16 |
|---|