Security report for CVE Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native gallery > CVE-2021-24667
- CVE
- Date
- Jun 07, 2024, 07:06:41
- Research Description
- A stored cross-site scripting vulnerability has been discovered in : Simply Gallery Blocks with Lightbox (Version – 2.2.0 & below). The vulnerability exists in the Lightbox functionality where a user with low privileges is allowed to execute arbitrary script code within the context of the application. This vulnerability is due to insufficient validation of image parameters in meta data.
- Status
-
vulnerableMedium
- Actual on
- Jul 05, 2024, 12:07:15