CNNVD-202507-2242 Information

CNNVD ID

CNNVD-202507-2242

Related CVE

CVE-2025-53926

• CNNVD Published: 2025-07-16

Description (Chinese)

emlog是emlog开源的一套基于PHP和MySQL的CMS建站系统。 emlog pro-2.5.17及之前版本存在跨站脚本漏洞，该漏洞源于comment和comname参数清理不足，可能导致远程攻击者注入反射型跨站脚本。

Description (English)

Emlog is a CMS station system based on PHP and MySQL. Emlog pro-2.5.17 and previous versions have a cross-site script loophole, which stems from inadequate clearance of the comment and comname parameters, which may lead to the injection of reflective cross-site scripts by remote assailants.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Emlog

Published

2025-07-16

Last Modified

2026-02-24

References

https://github.com/emlog/emlog/security/advisories/GHSA-g8jx-pj5p-fm3x