CVE-2023-53909
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-17

Last updated on: 2025-12-27

Assigner: VulnCheck

Description
WBCE CMS 1.6.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by uploading crafted SVG files through the media manager. Attackers can upload SVG files containing script tags to the /wbce/modules/elfinder/ef/php/connector.wbce.php endpoint and execute JavaScript when victims access the uploaded file.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-17
Last Modified
2025-12-27
Generated
2026-06-16
AI Q&A
2025-12-18
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53909
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
wbce wbce_cms 1.6.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a stored cross-site scripting (XSS) issue in WBCE CMS 1.6.1. It allows authenticated attackers to upload specially crafted SVG files containing malicious JavaScript through the media manager. When other users access these uploaded SVG files, the malicious JavaScript executes in their browsers.

Impact Analysis

The vulnerability can lead to execution of malicious JavaScript in the context of users who access the uploaded SVG files. This can result in theft of user credentials, session hijacking, or other malicious actions performed on behalf of the victim user.

Detection Guidance

You can detect this vulnerability by checking for the presence of malicious SVG files uploaded to the media manager endpoint. Specifically, look for SVG files containing embedded <script> tags in the directory /wbce/media/. For example, you can use commands like: 1) To find SVG files containing script tags on the server: grep -rl '<script' /path/to/wbce/media/*.svg 2) To monitor HTTP POST requests to the vulnerable endpoint, you can use network monitoring tools or logs to detect multipart/form-data POST requests to /wbce/modules/elfinder/ef/php/connector.wbce.php with upload[] parameters. Additionally, reviewing web server logs for suspicious uploads or accesses to SVG files may help identify exploitation attempts. [1, 2]

Mitigation Strategies

Immediate mitigation steps include restricting or disabling SVG file uploads through the media manager to prevent attackers from uploading malicious SVG files. You should also implement input validation and sanitization to block SVG files containing script tags. Additionally, restrict access to the /wbce/modules/elfinder/ef/php/connector.wbce.php endpoint to authenticated and authorized users only. Monitoring and removing any suspicious SVG files already uploaded is recommended. Applying any available patches or updates from WBCE CMS developers addressing this vulnerability is also advised. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53909. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart