CNNVD-202507-2234 Information

CNNVD ID

CNNVD-202507-2234

Related CVE

CVE-2025-53924

• CNNVD Published: 2025-07-16

Description (Chinese)

emlog是emlog开源的一套基于PHP和MySQL的CMS建站系统。 emlog pro-2.5.17及之前版本存在安全漏洞，该漏洞源于siteurl参数清理不足，可能导致认证远程攻击者注入存储型跨站脚本。

Description (English)

Emlog is a CMS station system based on PHP and MySQL. There is a security loophole in the emlog pro-2.5.17 and earlier versions, which stems from inadequate clearance of siteurl parameters, which may result in the certification of remote assailants being injected into stored cross-site scripts.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Emlog

Published

2025-07-16

Last Modified

2026-02-24

References

https://github.com/emlog/emlog/security/advisories/GHSA-6rmq-5rjf-3fmx