Hexo
Monthly
Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Hexo versions 0.0.1 to 5.4.0 are vulnerable against stored XSS. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Hexo versions 0.0.1 to 5.4.0 are vulnerable against stored XSS. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.