Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Hugo does not properly escape some Markdown links
Vulnerability Description
Hugo is a static site generator. From 0.60.0 to before 0.159.2, links and image links in the default markdown to HTML renderer are not properly escaped. Hugo users who trust their Markdown content or have custom render hooks for links and images are not affected. This vulnerability is fixed in 0.159.2.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Hugo 跨站脚本漏洞
Vulnerability Description
Hugo是Gohugoio社区的一款基于Go语言用于快速生成静态站点的框架。 Hugo 0.60.0至0.159.2之前版本存在跨站脚本漏洞,该漏洞源于默认Markdown到HTML渲染器中链接和图片链接未正确转义。
CVSS Information
N/A
Vulnerability Type
N/A