First published: Mon Oct 02 2023(Updated: )
A cross-site scripting (XSS) vulnerability in the publish article function of emlog pro v2.1.14 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title field.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Emlog Emlog | =2.1.14 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-43267 is a cross-site scripting (XSS) vulnerability in the publish article function of emlog pro v2.1.14.
CVE-2023-43267 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title field.
Emlog Pro v2.1.14 is affected by CVE-2023-43267.
CVE-2023-43267 has a severity score of 5.4, which is considered medium.
To mitigate CVE-2023-43267, update to a version of Emlog Pro that is not affected by this vulnerability.