3 matches found
CVE-2025-25823
A cross-site scripting XSS vulnerability in Emlog Pro v2.5.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the article header at /admin/article.php...
CVE-2025-25823
A cross-site scripting XSS vulnerability in Emlog Pro v2.5.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the article header at /admin/article.php...
CVE-2025-25823
CVE-2025-25823 is an XSS in Emlog Pro v2.5.4. An attacker can inject a crafted payload into the article header at /admin/article.php to execute arbitrary web scripts/HTML. Reported impact per sources: arbitrary script execution, with CVSSv3.1 vector indicating local access, user interaction requi...