Vulnerability Details CVE-2026-21430
Emlog is an open source website building system. In version 2.5.23, article creation functionality is vulnerable to cross-site request forgery (CSRF). This can lead to a user being forced to post an article with arbitrary, attacker-controlled content. This, when combined with stored cross-site scripting, leads to account takeover. As of time of publication, no known patched versions are available.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.3%
CVSS Severity
CVSS v3 Score 9.3