HTML Injection Vulnerability in EmbedThis GoAhead 2.5
CVE-2023-53155

7.2HIGH

Key Information:

Vendor: Embedthis
Status: Goahead
Vendor: CVE Published:; 25 July 2025

What is CVE-2023-53155?

The vulnerability in EmbedThis GoAhead 2.5 allows attackers to inject malicious HTML code through the 'name' parameter in the goform/formTest endpoint, potentially leading to unauthorized access or exploitation of user data. Proper validation and sanitization of input parameters are essential to mitigate this risk.

Affected Version(s)

GoAhead 2.5

References

https://www.exploit-db.com/exploits/51762

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2025
Vulnerability Reserved
Jul 25, 2025

Embedthis

What is CVE-2023-53155?

Affected Version(s)

References

CVSS V3.1

Timeline