CVE-2023-53899
Unknown Unknown - Not Provided
Blind SSRF in PodcastGenerator 3.2.9 via Episode Upload XML Injection

Publication date: 2025-12-16

Last updated on: 2026-04-29

Assigner: VulnCheck

Description
PodcastGenerator 3.2.9 contains a blind server-side request forgery vulnerability that allows attackers to inject XML in the episode upload form. Attackers can manipulate the 'shortdesc' parameter to trigger external HTTP requests to arbitrary endpoints during podcast episode creation.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-16
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-12-16
EPSS Evaluated
2026-06-14
NVD
CVE-2023-53899
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
podcastgenerator podcastgenerator 3.2.9
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a blind server-side request forgery (SSRF) in PodcastGenerator version 3.2.9. It allows an attacker to inject malicious XML content into the 'shortdesc' parameter of the episode upload form. By doing so, the attacker can cause the server to make HTTP requests to arbitrary external endpoints without the attacker seeing the response directly. This happens because the server processes the injected XML and fetches external resources specified by the attacker. [2]

Impact Analysis

The vulnerability can allow an attacker to make the server perform arbitrary HTTP requests to external or internal systems. This can lead to internal network scanning, accessing internal services that are not otherwise exposed, or other SSRF-related attacks. Although the attacker does not see the server's response directly, they can confirm the server's requests to attacker-controlled endpoints, potentially leading to information disclosure or further exploitation. [2]

Detection Guidance

This vulnerability can be detected by attempting to inject a specially crafted XML payload into the 'shortdesc' parameter of the episode upload form at /PodcastGenerator/admin/episodes_upload.php. For example, you can inject XML CDATA sections with an external URL and then listen on a local port to detect if the server makes an HTTP request to that URL. A command to listen for incoming requests is: nc -lvp 3132. If the server sends a request to this port, it confirms the SSRF vulnerability. [2]

Mitigation Strategies

To mitigate the blind SSRF vulnerability in PodcastGenerator 3.2.9, immediately avoid uploading episodes using the vulnerable 'shortdesc' parameter until a patch or update is available. Restrict or monitor outbound HTTP requests from the server to prevent unauthorized external calls. Implement input validation or sanitization on the 'shortdesc' field to block XML injection attempts. Additionally, consider isolating the PodcastGenerator server from sensitive internal networks to limit potential SSRF impact. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53899. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart