CVE-2018-11690

Name of the Vulnerable Software and Affected Versions Balbooa Gridbox extension versions prior to 2.4.0

Description The issue is caused by improper validation of user-supplied input, leading to cross-site scripting. A remote attacker could exploit this via a crafted URL to execute script in a victim's Web browser, potentially stealing the victim's cookie-based authentication credentials.

Recommendations For versions prior to 2.4.0, update to version 2.4.0 or later to resolve the issue.