VYPR
Unrated severityOSV Advisory· Published Dec 16, 2025· Updated Apr 7, 2026

WBCE CMS 1.6.1 Cross-Site Scripting and Open Redirect Vulnerability

CVE-2023-53901

Description

WBCE CMS 1.6.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML and CSS to capture user keystrokes. Attackers can upload a crafted HTML file with CSS-based keylogging techniques to intercept password characters through background image requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.