CVE-2023-53882

UNKNOWN 0.0

JLex GuestBook 1.6.4 Reflected Cross-Site Scripting via URL Parameter

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

JLex GuestBook 1.6.4 contains a reflected cross-site scripting vulnerability in the 'q' URL parameter that allows attackers to inject malicious scripts. Attackers can craft malicious links with XSS payloads to steal session tokens or execute arbitrary JavaScript in victims' browsers.

CWE	CWE-79
Vendor	jlexart
Product	jlex guestbook
Published	Dec 15, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for jlexart jlex guestbook

Be the first to know when new unknown vulnerabilities affecting jlexart jlex guestbook are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

jlexart / JLex GuestBook

1.6.4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/51647 jlexart.com: https://jlexart.com/ vulncheck.com: https://www.vulncheck.com/advisories/jlex-guestbook-reflected-cross-site-scripting-via-url-parameter

Credits

CraCkEr