GHSA-82jf-8f24-xq9m
Suggest an improvement- Source
- https://github.com/advisories/GHSA-82jf-8f24-xq9m
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/03/GHSA-82jf-8f24-xq9m/GHSA-82jf-8f24-xq9m.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-82jf-8f24-xq9m
- Aliases
- Published
- 2024-03-03T00:30:32Z
- Modified
- 2025-01-21T17:12:45Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- hexo-theme-anzhiyu Cross-site Scripting vulnerability
- Details
-
Cross Site Scripting (XSS) vulnerability in hexo-theme-anzhiyu v1.6.12, allows remote attackers to execute arbitrary code via the algolia search function.
- Database specific
{ "nvd_published_at": "2024-03-02T22:15:50Z", "cwe_ids": [ "CWE-79", "CWE-80" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-03-06T16:08:31Z" }- References
Affected packages
npm / hexo-theme-anzhiyu
Package
- Name
- hexo-theme-anzhiyu
- View open source insights on deps.dev
- Purl
- pkg:npm/hexo-theme-anzhiyu