exploitDog

CVE-2023-53953

Опубликовано: 19 дек. 2025

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

WebsiteBaker 2.13.3 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts when creating web pages. Attackers can craft malicious payloads in page titles that execute arbitrary JavaScript when the page is viewed by other users.

Ссылки

https://websitebaker.org/pages/en/home.php
Product
https://www.exploit-db.com/exploits/51349
Exploit
Third Party Advisory
VDB Entry
https://www.vulncheck.com/advisories/websitebaker-stored-cross-site-scripting-via-page-creation
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:websitebaker:websitebaker:2.13.3:*:*:*:*:*:*:*

EPSS

Процентиль: 8%

0.0003

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-g4gm-4wgj-pr24

CVSS3: 6.4

github

около 2 месяцев назад

WebsiteBaker 2.13.3 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts when creating web pages. Attackers can craft malicious payloads in page titles that execute arbitrary JavaScript when the page is viewed by other users.

EPSS

Процентиль: 8%

0.0003

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79