CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-53920

PodcastGenerator 3.2.9 contains a stored cross-site scripting vulnerability in the podcast title field accessible through the podcast details interface (podcast_details.php). Malicious JavaScript payloads injected into the podcast title execute when users visit the application's home page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.7%

CVSS Severity

CVSS v3 Score 4.6

References

https://podcastgenerator.net/
https://www.exploit-db.com/exploits/51454
https://www.vulncheck.com/advisories/podcastgenerator-stored-cross-site-scripting-via-podcast-title-field
https://www.exploit-db.com/exploits/51454

Products affected by CVE-2023-53920

Podcastgenerator » Podcast Generator » Version: 3.2.9

cpe:2.3:a:podcastgenerator:podcast_generator:3.2.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-53920

Products

Pricing

Contact Us