VYPR
Unrated severityOSV Advisory· Published Jan 2, 2026· Updated Jan 5, 2026

Emlog vulnerable to stored Cross-site Scripting via image name

CVE-2026-21431

Description

Emlog is an open source website building system. Version 2.5.23 has a stored cross-site scripting vulnerability in the Resource media library function while publishing an article. As of time of publication, no known patched versions are available.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Emlog/EmlogOSV2 versions
    5.3.1, 6.0.0, 6.1.0, …+ 1 more
    • (no CPE)range: 5.3.1, 6.0.0, 6.1.0, …
    • (no CPE)range: =2.5.23

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.