CVE-2023-53876

5.4 MEDIUM

📋 TL;DR

Academy LMS 6.1 contains a file upload vulnerability that allows authenticated users to upload malicious SVG files containing stored cross-site scripting (XSS) payloads. Attackers can inject malicious JavaScript through the profile avatar upload feature by modifying file extensions, potentially compromising other users' sessions. This affects all Academy LMS 6.1 installations with authenticated user access.

💻 Affected Systems

Products:
  • Academy LMS
Versions: 6.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated user access; affects the profile avatar upload functionality specifically.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, perform actions as other users, deface the application, or redirect users to malicious sites, potentially leading to full account compromise and data theft.

🟠 Likely Case

Authenticated attackers upload malicious SVG files that execute JavaScript in victims' browsers when viewed, allowing session hijacking, credential theft, or limited account takeover.

🟢 If Mitigated

With proper input validation and file type restrictions, the attack surface is reduced to authenticated users only, limiting impact to internal user compromise rather than external attacks.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires authenticated access; public exploit code is available on Exploit-DB (ID 51702).

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://academylms.net/

Restart Required: No

Instructions:

Check the Academy LMS vendor website for security updates or patches addressing CVE-2023-53876. Apply any available updates following the vendor's instructions.

🔧 Temporary Workarounds

Disable SVG file uploads (platforms: all)

Configure the application to reject SVG file uploads through the profile avatar feature.

Modify application configuration to restrict allowed file types to non-SVG formats (e.g., PNG, JPG).

Implement server-side file validation (platforms: all)

Add server-side checks to validate file content, not just extensions, and sanitize SVG files.

Implement file content validation in the upload handler to detect and block malicious SVG content.
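
One way to implement the content check described above, as an added example that is not Academy LMS code: it accepts only PNG and JPEG by magic bytes, ignores the client-supplied extension when choosing how to store the file, and names markup such as SVG in the rejection reason so it can be logged. The function name, size limit and sample bytes are assumptions constructed for illustration.

```python
import re

# Raster formats accepted for avatars, keyed by their leading magic bytes.
MAGIC = {
    b"\x89PNG\r\n\x1a\n": "png",
    b"\xff\xd8\xff": "jpg",
}

# Markers of XML/SVG/HTML content near the start of the file (case-insensitive).
MARKUP = re.compile(rb"<\s*(\?xml|!doctype|svg|html|script)", re.IGNORECASE)


class RejectedUpload(ValueError):
    """Raised when an avatar upload fails content validation."""


def validate_avatar(filename, data, max_bytes=2 * 1024 * 1024):
    """Return (extension_to_store, extension_mismatch), decided from content only.

    max_bytes is an assumed limit, not a value taken from Academy LMS.
    """
    if not data or len(data) > max_bytes:
        raise RejectedUpload("empty or oversized upload")

    detected = next((ext for magic, ext in MAGIC.items() if data.startswith(magic)), None)
    if detected is None:
        # Strip a UTF-8 BOM and leading whitespace before looking for markup.
        head = data[:1024].lstrip(b"\xef\xbb\xbf \t\r\n")
        if MARKUP.search(head):
            raise RejectedUpload("markup (SVG/XML/HTML) is not an accepted avatar type")
        raise RejectedUpload("content is not PNG or JPEG")

    # The client-supplied extension is never trusted for storage; a mismatch
    # with the detected type is returned so the caller can log it.
    claimed = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    claimed = "jpg" if claimed == "jpeg" else claimed
    return detected, claimed != detected


# Constructed sample inputs (not captured from a real system).
PNG_SAMPLE = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
JPEG_SAMPLE = b"\xff\xd8\xff\xe0" + b"\x00" * 16
SVG_SAMPLE = (b'<?xml version="1.0"?>\n<svg xmlns="http://www.w3.org/2000/svg">'
              b"<script>/* constructed test marker */</script></svg>")

if __name__ == "__main__":
    for name, blob in [("me.png", PNG_SAMPLE), ("avatar.png", SVG_SAMPLE)]:
        try:
            print(name, validate_avatar(name, blob))
        except RejectedUpload as exc:
            print(name, "rejected:", exc)
```

Store the file under a server-generated name with the returned extension and serve it with the matching image Content-Type, so a renamed SVG is never delivered as markup.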

🧯 If You Can't Patch

  • Restrict user permissions to limit who can upload profile avatars.
  • Implement web application firewall (WAF) rules to block malicious SVG uploads and XSS payloads.

🔍 How to Verify

Check if Vulnerable:

Attempt to upload an SVG file containing a JavaScript payload through the profile avatar upload feature; if the file is accepted and the script executes when the avatar is viewed, the system is vulnerable.

Check Version:

Check the Academy LMS admin panel or configuration files for version information; it is typically found in the application settings or on the about page.

Verify Fix Applied:

Test that SVG files with embedded JavaScript are rejected or sanitized upon upload and do not execute in browsers.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads with .svg extension
  • Multiple failed upload attempts
  • Log entries showing SVG file processing

Network Indicators:

  • HTTP POST requests to avatar upload endpoints with SVG content
  • Unexpected JavaScript execution in user sessions

SIEM Query:

source="web_server" AND (uri_path="/upload/avatar" OR file_extension=".svg") AND status=200
