CVE-2025-60447

Vulnerability Description

A stored Cross-Site Scripting (XSS) vulnerability has been discovered in Emlog Pro 2.5.19. The vulnerability exists in the email template configuration component located at /admin/setting.php?action=mail, which allows administrators to input HTML code that is not properly sanitized, leading to persistent JavaScript execution.

Vulnerability Details

Published Date

October 03, 2025

Last Modified

October 08, 2025

Source

NVD

CVE-2025-60447

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment