CVE-2023-53901
Unknown Unknown - Not Provided
Cross-Site Scripting in WBCE CMS 1.6.1 Enables Keylogging

Publication date: 2025-12-16

Last updated on: 2025-12-16

Assigner: VulnCheck

Description
WBCE CMS 1.6.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML and CSS to capture user keystrokes. Attackers can upload a crafted HTML file with CSS-based keylogging techniques to intercept password characters through background image requests.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-16
Last Modified
2025-12-16
Generated
2026-06-16
AI Q&A
2025-12-16
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53901
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
wbce cms 1.6.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-601 The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

WBCE CMS version 1.6.1 has a vulnerability that allows attackers to perform a CSS-based keylogging attack by combining an Open Redirect flaw and a Cross-Site Request Forgery (CSRF) vulnerability. An attacker can upload a crafted HTML file containing malicious CSS that assigns background images to password input characters. When a victim types their password, each character triggers a request to the attacker's server, effectively capturing keystrokes. The attacker uses the Open Redirect and CSRF vulnerabilities to redirect the victim to this malicious HTML page after login without their consent, enabling stealthy password interception. [1]

Impact Analysis

This vulnerability can lead to the theft of user credentials by capturing password keystrokes as users enter them. Attackers can remotely log sensitive information such as passwords without the victim's knowledge, potentially leading to unauthorized access to user accounts and further compromise of the affected system. [1]

Detection Guidance

Detection can involve monitoring for unusual HTTP POST requests to the login page (/wbce/admin/login/index.php) with suspicious 'url' parameters that redirect to unknown or attacker-controlled domains. Additionally, network traffic analysis can look for repeated background image requests to external servers triggered by CSS keylogging. Commands to help detect this include using tools like curl or wget to inspect login page parameters, and network monitoring tools like tcpdump or Wireshark to capture suspicious outbound requests. For example, using tcpdump: tcpdump -i any -n host attacker-server-domain and grep or log analysis to find POST requests with 'url' parameters redirecting to external URLs. [1]

Mitigation Strategies

Immediate mitigation steps include disabling or restricting the Media upload feature to prevent uploading malicious HTML files, applying strict input validation and sanitization on the 'url' parameter in the login page to prevent Open Redirect attacks, and implementing CSRF protections such as tokens to block unauthorized POST requests. Additionally, updating or patching the WBCE CMS to a version that addresses these vulnerabilities (if available) is recommended. Monitoring and blocking suspicious external requests from the CMS server can also help reduce risk. [1]

Compliance Impact

The provided resources do not explicitly discuss the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA. However, since the vulnerability allows attackers to capture user keystrokes including passwords through CSS-based keylogging, it could potentially lead to unauthorized access and data breaches, which may result in non-compliance with data protection regulations that require safeguarding personal and sensitive information. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53901. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart