PT-2025-51958 · Unknown · Podcast Generator
Mirabbas Ağalarov
·
Published
2025-12-17
·
Updated
2025-12-20
·
CVE-2023-53920
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
PodcastGenerator version 3.2.9
Description
PodcastGenerator version 3.2.9 has a stored cross-site scripting issue in the podcast title field. This flaw is accessible through the podcast details interface, specifically the
podcast details.php file. Successful exploitation involves injecting malicious JavaScript payloads into the podcast title, which then execute when users visit the application’s home page.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Podcast Generator