icon

We found results for “

CVE-2021-25987

Date: November 30, 2021

Overview

Hexo versions 0.0.1 to 5.4.0 are vulnerable against stored XSS. The post “body” and “tags” don’t sanitize malicious javascript during web page generation. Local unprivileged attacker can inject arbitrary code.

Details

Hexo versions 0.0.1 to 5.4.0 are vulnerable against stored XSS. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.
The post “body” and “tags” don’t sanitize malicious javascript during web page generation. Local unprivileged attacker can inject arbitrary code.

PoC Details

Create a new post by entering: ‘hexo new "Hello Hexo"’. Then, locate the file named "Hello Hexo". Edit the file, add JS alerts to ‘tags’ or 'body' sections, and save the document. Once reloading the page, an alert will appear.

PoC Code

tags: <script>alert("XSS")</script>

Affected Environments

0.0.1-5.4.0

Prevention

No Fix

Language: JS

Good to know:

icon
icon

Cross-Site Scripting (XSS)

CWE-79
icon

Upgrade Version

No fix version available

Base Score:
Attack Vector (AV): Local
Attack Complexity (AC): Low
Privilegs Required (PR): Low
User Interaction (UI): Required
Scope (S): Changed
Confidentiality (C): Low
Integrity (I): Low
Availability (A): None
Base Score:
Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (AU): None
Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Additional information: