9 matches found
CVE-2025-61599
Emlog is an open source website building system. A stored Cross-Site Scripting XSS vulnerability exists in the "Twitter"feature of EMLOG Pro 2.5.21 and below. An authenticated user with privileges to post a "Twitter" message can inject arbitrary JavaScript code. The malicious script is stored on...
EUVD-2025-32224
Malicious code in bioql PyPI...
CVE-2025-61599
Emlog is an open source website building system. A stored Cross-Site Scripting XSS vulnerability exists in the "Twitter"feature of EMLOG Pro 2.5.21 and below. An authenticated user with privileges to post a "Twitter" message can inject arbitrary JavaScript code. The malicious script is stored on...
CVE-2025-61599
CVE-2025-61599 affects EMLOG Pro 2.5.21 and earlier. A stored XSS vulnerability exists in the Twitter feature where an authenticated user with posting privileges can inject arbitrary JavaScript code. The malicious script is stored on the server and executes in the browser of any user (including a...
CVE-2025-61599 Emlog is Vulnerable to Stored Cross-Site Scripting (XSS) in "Twitter" Feature via Markdown Input
Emlog is an open source website building system. A stored Cross-Site Scripting XSS vulnerability exists in the "Twitter"feature of EMLOG Pro 2.5.21 and below. An authenticated user with privileges to post a "Twitter" message can inject arbitrary JavaScript code. The malicious script is stored on...
CVE-2025-61599 Emlog is Vulnerable to Stored Cross-Site Scripting (XSS) in "Twitter" Feature via Markdown Input
Emlog is an open source website building system. A stored Cross-Site Scripting XSS vulnerability exists in the "Twitter"feature of EMLOG Pro 2.5.21 and below. An authenticated user with privileges to post a "Twitter" message can inject arbitrary JavaScript code. The malicious script is stored on...
CVE-2025-61599 Emlog is Vulnerable to Stored Cross-Site Scripting (XSS) in "Twitter" Feature via Markdown Input
Emlog is an open source website building system. A stored Cross-Site Scripting XSS vulnerability exists in the "Twitter"feature of EMLOG Pro 2.5.21 and below. An authenticated user with privileges to post a "Twitter" message can inject arbitrary JavaScript code. The malicious script is stored on...
PT-2025-40461
Name of the Vulnerable Software and Affected Versions Emlog Pro versions 2.5.21 and below Description A stored Cross-Site Scripting XSS issue exists in the "Twitter" feature. An authenticated user with posting privileges can inject arbitrary JavaScript code. The malicious script is stored on the...
Emlog Pro 跨站脚本漏洞
Emlog Pro is an Emlog open source blogging system. A cross-site scripting vulnerability exists in Emlog Pro 2.5.21 and earlier versions, which stems from a Twitter feature that does not properly validate input and could lead to a stored cross-site scripting attack...