IM
IronMonkey Threat Research

CVE-2023-53155 HIGH

Published: 2025-07-25 | Last Modified: 2026-04-15 | Status: Deferred

Description

goform/formTest in EmbedThis GoAhead 2.5 allows HTML injection via the name parameter.

Additional Descriptions (1)

goform/formTest en EmbedThis GoAhead 2.5 permite la inyección de HTML a través del parámetro de nombre.

CVSS Metrics

Base Score: 7.2 (HIGH)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Attack VectorNETWORK
Attack ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
ScopeCHANGED
Confidentiality ImpactLOW
Integrity ImpactLOW
Availability ImpactNONE

Source: [email protected]

Type: Secondary

Exploitability Score: 3.9

Impact Score: 2.7

Weaknesses

Source Type Description
[email protected] Secondary
en CWE-79

References

Notification
Message here