Unrated severityOSV Advisory· Published Jan 2, 2026· Updated Jan 5, 2026
Emlog vulnerable to stored Cross-site Scripting via image name
CVE-2026-21431
Description
Emlog is an open source website building system. Version 2.5.23 has a stored cross-site scripting vulnerability in the Resource media library function while publishing an article. As of time of publication, no known patched versions are available.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/emlog/emlog/security/advisories/GHSA-9vc2-crhr-248xmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.