CVE-2023-53887

UNKNOWN 0.0

Zomplog 3.9 Cross-Site Scripting Vulnerability via Page Creation

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Zomplog 3.9 contains a cross-site scripting vulnerability that allows authenticated users to inject malicious scripts when creating new pages. Attackers can craft malicious image source and onerror attributes to execute arbitrary JavaScript code in victim's browser.

CWE	CWE-79
Vendor	zomplog
Product	zomplog
Published	Dec 15, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for zomplog zomplog

Be the first to know when new unknown vulnerabilities affecting zomplog zomplog are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Zomplog / Zomplog

3.9

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/51625 web.archive.org: https://web.archive.org/web/20080616153330/http://zomp.nl/zomplog/ vulncheck.com: https://www.vulncheck.com/advisories/zomplog-cross-site-scripting-vulnerability-via-page-creation

Credits

Mirabbas Ağalarov