mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-12 22:53:11 +00:00
1.1 KiB
1.1 KiB
CVE-2021-24667
%20Video%20Gallery%20and%20Lightbox%20for%20native%20gallery&color=blue)
&color=brightgreen)
Description
A stored cross-site scripting vulnerability has been discovered in : Simply Gallery Blocks with Lightbox (Version – 2.2.0 & below). The vulnerability exists in the Lightbox functionality where a user with low privileges is allowed to execute arbitrary script code within the context of the application. This vulnerability is due to insufficient validation of image parameters in meta data.