Cyber Resilience

CVE-2023-53899

MediumPublic PoC

Published: 16 December 2025

Published
16 December 2025
Modified
29 April 2026
KEV Added
Patch
CVSS Score v4 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0027 51.0th percentile
Risk Priority 10 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-53899 is a medium-severity SSRF (CWE-918) vulnerability in Podcastgenerator Podcast Generator. Its CVSS base score is 5.1 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 49.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SC-7 (Boundary Protection) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2023-53899 is a blind server-side request forgery (SSRF) vulnerability, classified under CWE-918, affecting PodcastGenerator version 3.2.9. The flaw exists in the episode upload form, where attackers can inject malicious XML by manipulating the 'shortdesc' parameter. This injection triggers external HTTP requests to arbitrary endpoints controlled by the attacker during the podcast episode creation process.

The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), making it remotely exploitable over the network with low attack complexity, no privileges or user interaction required, and high impacts across confidentiality, integrity, and availability. Unauthenticated attackers can leverage it to force the PodcastGenerator server to initiate HTTP requests to arbitrary external endpoints.

Advisories and references include the PodcastGenerator GitHub repository (https://github.com/PodcastGenerator/PodcastGenerator), official site (https://podcastgenerator.net/), a proof-of-concept exploit on Exploit-DB (https://www.exploit-db.com/exploits/51565), and a VulnCheck advisory detailing the SSRF via XML injection (https://www.vulncheck.com/advisories/podcastgenerator-blind-server-side-request-forgery-via-xml-injection). No specific patch or mitigation details are provided in the available information.

EU & UK References

Vulnerability details

PodcastGenerator 3.2.9 contains a blind server-side request forgery vulnerability that allows attackers to inject XML in the episode upload form. Attackers can manipulate the 'shortdesc' parameter to trigger external HTTP requests to arbitrary endpoints during podcast episode creation.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1046 Network Service Discovery Discovery
Adversaries may attempt to get a listing of services running on remote hosts and local network infrastructure devices, including those that may be vulnerable to remote software exploitation.
Why these techniques?

T1190 directly matches exploitation of a public-facing web application vulnerability (unauthenticated SSRF via episode upload form). T1046 is facilitated by blind SSRF enabling internal network scanning and access to sensitive services.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-6229Shared CWE-918
CVE-2025-1849Shared CWE-918
CVE-2026-0686Shared CWE-918
CVE-2026-7065Shared CWE-918
CVE-2026-32236Shared CWE-918
CVE-2025-55150Shared CWE-918
CVE-2024-45479Shared CWE-918
CVE-2026-44313Shared CWE-918
CVE-2026-3750Shared CWE-918
CVE-2026-4953Shared CWE-918

Affected Assets

podcastgenerator
podcast generator
3.2.9

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Validates user inputs like the 'shortdesc' parameter in the episode upload form to prevent XML injection that triggers blind SSRF.

prevent

Identifies, prioritizes, and remediates the specific SSRF flaw (CVE-2023-53899) in PodcastGenerator 3.2.9 through patching or code fixes.

prevent

Boundary protection at network perimeters blocks unauthorized outbound HTTP requests to arbitrary external endpoints initiated by SSRF.

References