Products
Government
Resources
Community
Company
Partners
Sign In / Join
Sign In
Advisories
WEBIGniter v28.7.23 Cross-Site Scripting (XSS) in User Creation Process
Go Back
severity
medium
date
December 4, 2025
Affecting
WEBIGniter v28.7.23
CVE
CVE-2023-53735
CVE type
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS
5.3
CVSS V4 Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
References
ExploitDB-51900
Official WEBIGniter Homepage
WEBIGniter Demo Page
Credit
RedTeamer IT Security, Mesut Cetin
Description
WEBIGniter v28.7.23 contains a cross-site scripting vulnerability in the user creation process that allows unauthenticated attackers to execute malicious JavaScript code, enabling potential XSS attacks.