Unrated severityOSV Advisory· Published Jan 2, 2026· Updated Jan 5, 2026
Emlog has stored Cross-site Scripting issue that can lead to admin or another account ATO
CVE-2026-21432
Description
Emlog is an open source website building system. Version 2.5.23 has a stored cross-site scripting vulnerability that can lead to account takeover, including takeover of admin accounts. As of time of publication, no known patched versions are available.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/emlog/emlog/security/advisories/GHSA-4rxf-mjqx-c464mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.