Cross-Site Scripting Vulnerability in WEBIGniter by WEBIGniter
CVE-2023-53735

5.3MEDIUM

Key Information:

Vendor: Webigniter
Status: Webigniter
Vendor: CVE Published:; 4 December 2025

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2023-53735?

WEBIGniter 28.7.23 is susceptible to a cross-site scripting (XSS) vulnerability during the user creation process. This flaw enables unauthenticated attackers to inject and execute malicious JavaScript code in affected applications, potentially exploiting user sessions and compromising sensitive information. Organizations using this version should evaluate their systems for this security risk and apply the necessary updates.

Affected Version(s)

WEBIGniter 28.7.23

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-53735 - Proof of Concept

References

https://www.exploit-db.com/exploits/51900

exploit

https://webigniter.net/

product

https://webigniter.net/demo

product

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Dec 4, 2025
👾
Exploit known to exist
Dec 4, 2025
Vulnerability published
Dec 4, 2025
Vulnerability Reserved
Dec 4, 2025

Credit

RedTeamer IT Security, Mesut Cetin

JSON

Webigniter