CVE-2023-53953
BaseFortify
Publication date: 2025-12-19
Last updated on: 2025-12-27
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| websitebaker | websitebaker | 2.13.3 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2023-53953 is a stored cross-site scripting (XSS) vulnerability in WebsiteBaker version 2.13.3. It allows authenticated users with page creation privileges to inject malicious JavaScript code into the titles of web pages they create. When other users view these pages, the malicious scripts execute in their browsers. This happens because the application does not properly sanitize user input during page creation, enabling attackers to embed harmful scripts that run in the context of the victim's browser. [1, 2]
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized actions or data exposure for users who view the maliciously crafted pages. Since the injected scripts execute in the context of the victim's browser, attackers could potentially steal session cookies, perform actions on behalf of the user, or manipulate the content displayed. The impact is considered low to moderate, with a CVSS v4 base score of 5.1 and v3.1 score of 6.4, indicating some risk but limited severity. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for the presence of malicious scripts injected into page titles via the page creation functionality. One way to detect it is to monitor POST requests to the endpoint `/admin/pages/add.php` with suspicious payloads in the `title` parameter, such as HTML tags with event handlers (e.g., `<img src=x onerror=alert(1)>`). Network monitoring tools or web application firewalls can be configured to log or alert on such requests. Additionally, reviewing the stored page titles in the database for suspicious JavaScript code can help identify exploitation. Specific commands depend on your environment, but for example, using curl to simulate the exploit POST request can help verify vulnerability: `curl -X POST -d "title=<img src=x onerror=alert(1)>" -b cookies.txt https://yourwebsite/admin/pages/add.php` (assuming authentication cookies are stored in cookies.txt). [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting page creation privileges to trusted users only, as the vulnerability requires authenticated users with page creation rights. Additionally, implement input sanitization and validation on the `title` parameter to prevent injection of malicious scripts. Applying any available patches or updates from the vendor is recommended once released. In the meantime, monitoring and blocking suspicious POST requests to `/admin/pages/add.php` can reduce exploitation risk. [1, 2]