CVE-2025-61769

Emlog is an open source website building system. A cross-site scripting XSS vulnerability in emlog up to and including version 2.5.22 allows authenticated remote attackers to inject arbitrary web script or HTML via the file upload functionality. As an authenticated user it is possible to upload...

Emlog 安全漏洞

Emlog is emlog open source a PHP and MySQL based CMS website builder. A security vulnerability exists in Emlog 2.5.22 and previous versions, the vulnerability stems from the file upload function does not validate the input, which may lead to cross-site scripting attacks...

CVE-2025-61597 Emlog Pro is vulnerable to stored XSS attack through HTML template injection

Emlog is an open source website building system. In versions 2.5.21 and below, an HTML template injection allows stored cross‑site scripting XSS via the mail template settings. Once a malicious payload is saved, any subsequent visit to the settings page in an authenticated admin context will...

Apache Struts Security Update (S2-059, S2-060)

Apache Struts is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...