QwikSec

Security Database

CVE

CWE

Training

CVE-2023-53870

Published: Dec 15, 2025

Modified: Apr 7, 2026

PUBLISHED

Description

Jorani 1.0.3 contains a reflected cross-site scripting vulnerability in the language parameter that allows attackers to inject malicious scripts. Attackers can craft XSS payloads in the language parameter to execute arbitrary JavaScript and potentially steal user session information.

Vendor	Product	Versions
Jorani	Jorani	affected `1.0.3`

Weaknesses (CWE)

References

ExploitDB-51715

exploit

Jorani Product Webpage

product

VulnCheck Advisory: Jorani 1.0.3 Cross-Site Scripting Vulnerability via Language Parameter

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.