CVE-2025-53926 Information

Jul 17, 2025 cve

Description

Emlog is an open source website building system. A cross-site scripting (XSS) vulnerability in emlog up to and including pro-2.5.17 allows remote attackers to inject arbitrary web script or HTML via the comment and comname parameters. Reflected XSS requires the victim to send POST requests therefore the victim must be persuaded into clicking into sent URL. As of time of publication no known patched versions exist.

Reference

https://github.com/emlog/emlog/security/advisories/GHSA-g8jx-pj5p-fm3x https://github.com/emlog/emlog/security/advisories/GHSA-g8jx-pj5p-fm3x

CNNVD-202507-2242 (Published: 2025-07-16)

Share on:

CVE-2025-53926 Information

Description

Reference

Related CNNVD