VYPR
Unrated severityOSV Advisory· Published Jan 2, 2026· Updated Jan 5, 2026

Emlog has stored Cross-site Scripting issue that can lead to admin or another account ATO

CVE-2026-21432

Description

Emlog is an open source website building system. Version 2.5.23 has a stored cross-site scripting vulnerability that can lead to account takeover, including takeover of admin accounts. As of time of publication, no known patched versions are available.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Emlog/EmlogOSV2 versions
    5.3.1, 6.0.0, 6.1.0, …+ 1 more
    • (no CPE)range: 5.3.1, 6.0.0, 6.1.0, …
    • (no CPE)range: =2.5.23

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.