PT-2018-6279 · Kubik Rubik · Kubik-Rubik Sige
Alwin Peppels · Published 2018-02-20 · Updated 2018-03-05
CVE-2017-16356 · CVSS v3.1 6.1 (Medium)
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
Kubik-Rubik SIGE (aka Simple Image Gallery Extended) versions prior to 3.3.0
Description:
The issue is a reflected cross-site scripting (XSS) vulnerability: the img, name and caption parameters of 'plugins/content/sige/plugin sige/print.php' are written into the page without being encoded for their HTML context, so an attacker who gets a victim to open a crafted link to that endpoint can execute arbitrary JavaScript in the victim's browser, in the context of the site hosting the plugin. The attack needs no authentication but does require user interaction (the victim must follow the link), which is what the CVSS vector above expresses.
Recommendations:
For versions prior to 3.3.0, update to version 3.3.0 or later, which resolves the issue. As a temporary workaround, restrict access to the 'plugins/content/sige/plugin sige/print.php' endpoint (for example with a web-server access rule), or avoid the use of the img, name and caption parameters in this context until the update is applied. After updating or applying the workaround, confirm that none of the three parameters is still reflected into the response unencoded.
Tags: XSS
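To make the vulnerable pattern, the fix and the post-update check concrete, the following Python model is added here. It is not the SIGE plugin's own code (SIGE is a PHP Joomla plugin, and the exact markup its print.php emits is not reproduced in this advisory). It assumes an endpoint that writes the img, name and caption query parameters into an HTML page, renders that page once in the vulnerable style and once hardened (context-aware output encoding plus an allow-list for the image path), and includes a canary-based reflection check that a tester can run against the two renderers offline or, via probe_url(), against a live site. The host example.org, the SAFE_IMG policy and the gallery_root prefix are illustrative choices, not values taken from the plugin.

```python
"""Model of a reflected XSS in a print-style endpoint and of its fix.

Illustrative code added for this advisory page; it is NOT the SIGE plugin's
own code (SIGE is a PHP Joomla plugin whose real print.php markup is not
reproduced here). Assumed: the endpoint writes the img, name and caption
query parameters into an HTML page.
"""
import html
import posixpath
import re
from urllib.parse import urlencode, urljoin

# Canary for the reflection check: harmless on its own, but it carries the
# metacharacters (quote, angle brackets, apostrophe) that must be encoded
# before a parameter can safely land in HTML text or an attribute value.
CANARY = 'ptcanary"><q>\'x'

# Endpoint path exactly as quoted in the advisory.
ENDPOINT = "plugins/content/sige/plugin sige/print.php"


def render_vulnerable(img, name, caption):
    """Writes the parameters into the page verbatim: the pattern behind a
    reflected XSS. A value such as "><script>...</script> in any of the
    three parameters becomes live markup."""
    return (
        f"<html><body><h1>{name}</h1>"
        f'<img src="{img}" alt="{caption}">'
        f"<p>{caption}</p></body></html>"
    )


# Allow-list for the image parameter (an illustrative policy, assumed here):
# a relative path of plain characters ending in an image extension.
SAFE_IMG = re.compile(r"^[A-Za-z0-9_./-]+\.(?:jpe?g|png|gif)$", re.IGNORECASE)


def safe_image_path(img, gallery_root="images/"):
    """Return the image path resolved under gallery_root, or None if the
    value is not a plain relative image path. This rejects URL schemes
    (javascript:, data:), absolute paths and ../ traversal."""
    if img.startswith("/") or not SAFE_IMG.match(img):
        return None
    normalized = posixpath.normpath(img)
    if normalized.startswith("..") or "/../" in img:
        return None
    return gallery_root + normalized


def render_hardened(img, name, caption):
    """Same page with every parameter encoded for its HTML context; an image
    value that fails validation produces no <img> tag at all."""
    def esc(s):
        return html.escape(s, quote=True)  # encodes & < > " and '

    path = safe_image_path(img)
    img_tag = f'<img src="{esc(path)}" alt="{esc(caption)}">' if path else ""
    return (
        f"<html><body><h1>{esc(name)}</h1>"
        f"{img_tag}<p>{esc(caption)}</p></body></html>"
    )


def reflected_unescaped(body, canary=CANARY):
    """True when the canary comes back with its metacharacters intact, i.e.
    the parameter is reflected without output encoding."""
    return canary in body


def probe_url(base_url, param, canary=CANARY):
    """Build the request a tester would send to check one parameter against
    a live site (base_url is the Joomla root, e.g. https://example.org/)."""
    return urljoin(base_url, ENDPOINT) + "?" + urlencode({param: canary})


def check_all_params(render):
    """Run the reflection check for each parameter against a render function
    (offline here; against a live site, fetch probe_url() for each parameter
    and pass the response body to reflected_unescaped instead).
    Returns the names of the parameters that are reflected unescaped."""
    defaults = {"img": "gallery/pic.jpg", "name": "Pic", "caption": "A picture"}
    leaking = []
    for param in defaults:
        args = dict(defaults)
        args[param] = CANARY
        if reflected_unescaped(render(**args)):
            leaking.append(param)
    return leaking


if __name__ == "__main__":
    print("vulnerable page leaks:", check_all_params(render_vulnerable))
    print("hardened page leaks:  ", check_all_params(render_hardened))
    print("probe for 'img':", probe_url("https://example.org/", "img"))
```

The check deliberately uses a canary rather than a live payload: a server that returns the quote and angle brackets unchanged is exploitable regardless of which browser filters are in play, while a canary will not trigger anything if the page is tested in a browser. Encoding alone is not enough for the img parameter, because a value like javascript:alert(1) is valid inside a quoted src attribute even after escaping; that is why the hardened renderer also validates the path against an allow-list before using it.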
Affected Products
Kubik-Rubik Sige