https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-04T19:16:56.909529+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/50b61106-60d1-400c-be2a-e7cb22d42b0c/export50b61106-60d1-400c-be2a-e7cb22d42b0c2026-05-04T19:16:57.301207+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "50b61106-60d1-400c-be2a-e7cb22d42b0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-25987", "type": "seen", "source": "https://t.me/cibsecurity/33090", "content": "\u203c CVE-2021-25987 \u203c\n\nHexo versions 0.0.1 to 5.4.0 are vulnerable against stored XSS. The post \u00e2\u20ac\u0153body\u00e2\u20ac\ufffd and \u00e2\u20ac\u0153tags\u00e2\u20ac\ufffd don\u00e2\u20ac\u2122t sanitize malicious javascript during web page generation. Local unprivileged attacker can inject arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-30T16:34:42.000000Z"}2021-11-30T16:34:42+00:00