CVE-2025-5011 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

May 21, 2025

CVE ID : CVE-2025-5011

Published : May 21, 2025, 12:15 a.m. | 4 hours, 23 minutes ago

Description : A vulnerability classified as problematic was found in moonlightL hexo-boot 4.3.0. This vulnerability affects unknown code of the file /admin/home/index.html of the component Dynamic List Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5010 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

Next Article Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Helldivers 2: Heart of Democracy update is live, and you need to jump in to save Super Earth from the Illuminate

Qualcomm’s new Adreno Control Panel will let you fine-tune the GPU for certain games on Snapdragon X Elite devices

Samsung takes on LG’s best gaming TVs — adds NVIDIA G-SYNC support to 2025 flagship

The biggest unanswered questions about Xbox’s next-gen consoles

HCL Commerce V9.1 – The Power of HCL Commerce Search

HCL Commerce V9.1 – The Power of HCL Commerce Search

Community News: Latest PECL Releases (05.20.2025)

Getting Started with Personalization in Sitecore XM Cloud: Enable, Extend, and Execute

Helldivers 2: Heart of Democracy update is live, and you need to jump in to save Super Earth from the Illuminate

Helldivers 2: Heart of Democracy update is live, and you need to jump in to save Super Earth from the Illuminate

Qualcomm’s new Adreno Control Panel will let you fine-tune the GPU for certain games on Snapdragon X Elite devices

Samsung takes on LG’s best gaming TVs — adds NVIDIA G-SYNC support to 2025 flagship

CVE-2025-5011 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-5010 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

Microsoft’s dumbest rebrand in its near 50 year history just got even dumber

GitHub Availability Report: March 2025

Timestamp writes for write hedging in Amazon DynamoDB

Try-Catch in Laravel: WHEN to Use it? 10+ Practical Examples.

Sam Altman says the “biblical demand” for ChatGPT-4o’s Ghibli memes has added one million users in just one hour, but “chill out a bit — our GPUs are melting”

Build RAG applications using Jina Embeddings v2 on Amazon SageMaker JumpStart

Time Sensitive Knowledge Editing through Efficient Finetuning

QIV – Quick Image Viewer

CVE-2025-5011 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

Related Posts