CVE-2025-5011 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

May 21, 2025

CVE ID : CVE-2025-5011

Published : May 21, 2025, 12:15 a.m. | 4 hours, 23 minutes ago

Description : A vulnerability classified as problematic was found in moonlightL hexo-boot 4.3.0. This vulnerability affects unknown code of the file /admin/home/index.html of the component Dynamic List Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5010 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

Next Article What is NewSQL? Bridging SQL and NoSQL

How To Prevent WordPress SQL Injection Attacks

Java never goes out of style: Celebrating 30 years of the language

OpenAI o3-pro available in the API, BrowserStack adds Playwright support for real iOS devices, and more – Daily News Digest

Creating The “Moving Highlight” Navigation Bar With JavaScript And CSS

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

Minecraft Vibrant Visuals finally has a release date and it’s dropping with the Happy Ghasts

QAQ-QQ-AI-QUEST

QAQ-QQ-AI-QUEST

JS Dark Arts: Abusing prototypes and the Result type

Helpful Git Aliases To Maximize Developer Productivity

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Microsoft Copilot’s own default configuration exposed users to the first-ever “zero-click” AI attack, but there was no data breach

Sam Altman says “OpenAI was forced to do a lot of unnatural things” to meet the Ghibli memes demand surge

5 things we didn’t get from the Xbox Games Showcase, because Xbox obviously hates me personally

CVE-2025-5011 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

Paragon Spyware used to Spy on European Journalists

CVE-2025-32457 – Quantenna Wi-Fi Chipset Command Injection Vulnerability

Raspberry Pi 5 Desktop Mini PC: Script to use a ZRAM swapdrive

H Company Releases Runner H Public Beta Alongside Holo-1 and Tester H for Developers

7 productivity gadgets I can’t live without (and why they make such a big difference)

NVIDIA GeForce “Game Ready” graphics driver update fixes bugs from a previous release — Flickering screens patched

Final Fantasy Tactics: The Ivalice Chronicles has been revealed for Xbox and PC, along with a release date

The new KB5055615 for Windows 11 Beta Channel brings huge improvements for the 23H2 version

Larva-24005: Kimsuky’s Global Cyber Espionage Campaign Exploits RDP and Office Flaws

CVE-2025-5011 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

Related Posts