CVE-2025-53924

Name of the Vulnerable Software and Affected Versions Emlog versions up to and including 2.5.17

Description Emlog is an open source website building system susceptible to a cross-site scripting (XSS) issue. A malicious actor with authentication can inject arbitrary web script or HTML via the siteurl parameter, leading to Stored XSS. Clicking a link containing the malicious code results in its execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.