CVE-2024-25865

Published March 2nd, 2024

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Cross Site Scripting (XSS) vulnerability in hexo-theme-anzhiyu v1.6.12, allows remote attackers to execute arbitrary code via the algolia search function.

anzhiyu-c/hexo-theme-anzhiyu

安知鱼主题，这是一个简洁美丽的hexo主题。

GitHub

2.5K