Unrated severityOSV Advisory· Published Dec 17, 2025· Updated Apr 7, 2026
PodcastGenerator Stored Cross-Site Scripting via Podcast Title Field
CVE-2023-53920
Description
PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the podcast title field accessible through the podcast details interface (podcast_details.php). Malicious JavaScript payloads injected into the podcast title execute when users visit the application's home page.
Affected products
1- Range: 2.5, 2.6, 2.7, …
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.exploit-db.com/exploits/51454mitreexploit
- www.vulncheck.com/advisories/podcastgenerator-stored-cross-site-scripting-via-podcast-title-fieldmitrethird-party-advisory
- podcastgenerator.netmitreproduct
News mentions
0No linked articles in our index yet.