CVE-2015-9296

Name of the Vulnerable Software and Affected Versions download-monitor plugin versions prior to 1.7.1

Description The issue is related to a Cross-Site Scripting (XSS) vulnerability. It affects the add query arg function. No information is provided about the estimated number of potentially affected devices or real-world incidents.

Recommendations For versions prior to 1.7.1, update to version 1.7.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the add query arg function until the update is applied.