{"id":"CVE-2023-30338","details":"Multiple stored cross-site scripting (XSS) vulnerabilities in Emlog Pro v2.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Article Title or Article Summary parameters.","modified":"2025-11-15T06:28:42.707609Z","published":"2023-04-27T15:15:13.787Z","references":[{"type":"EVIDENCE","url":"https://github.com/emlog/emlog/issues/229"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/emlog/emlog","events":[{"introduced":"0"},{"last_affected":"5d337439715401036c3bc0f2a195938542ab05a9"}]}],"versions":["5.3.1","6.0.0","6.1.0","emlog_5.1.2","emlog_5.1.3","emlog_5.2.0","emlog_5.2.1","emlog_5.3.0","pro-1.0.1","pro-1.0.2","pro-1.0.3","pro-1.0.4","pro-1.0.5","pro-1.0.6","pro-1.0.7","pro-1.0.8","pro-1.1.0","pro-1.1.1","pro-1.2.0","pro-1.2.1","pro-1.2.2","pro-1.3.0","pro-1.3.1","pro-1.4.0","pro-1.5.0","pro-1.5.0.new","pro-1.5.1","pro-1.6.0","pro-1.7.0","pro-1.7.1","pro-1.8.0","pro-1.9.0","pro-1.9.1","pro-1.9.2","pro-1.9.3","pro-2.0.0","pro-2.0.1","pro-2.0.2","pro-2.0.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-30338.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}]}