Vulnerability — CVE-2024-25865

CVE-2024-25865

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2024-25865
Description:: Cross Site Scripting (XSS) vulnerability in hexo-theme-anzhiyu v1.6.12, allows remote attackers to execute arbitrary code via the algolia search function.
Last updated date:: 01/21/2025

Type:: exploit
Confidence:: HIGH
Date of publishing:: 01/21/2025
Reference url to background: https://github.com/anzhiyu-c/hexo-theme-anzhiyu/issues/200