CVE-2023-53870

UNKNOWN 0.0

Jorani 1.0.3 Cross-Site Scripting Vulnerability via Language Parameter

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Jorani 1.0.3 contains a reflected cross-site scripting vulnerability in the language parameter that allows attackers to inject malicious scripts. Attackers can craft XSS payloads in the language parameter to execute arbitrary JavaScript and potentially steal user session information.

CWE	CWE-79
Vendor	jorani
Product	jorani
Published	Dec 15, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for jorani jorani

Be the first to know when new unknown vulnerabilities affecting jorani jorani are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Jorani / Jorani

1.0.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/51715 jorani.org: https://jorani.org/ vulncheck.com: https://www.vulncheck.com/advisories/jorani-cross-site-scripting-vulnerability-via-language-parameter

Credits

nu11secur1ty