PT-2023-21968 · I Thirteen Web Solution · Continuous Image Carousel With Lightbox

Thiennv

Publicado

2023-04-07

Atualizado

2023-04-13

CVE-2023-28792

CVSS v3.1

7.1

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin versions prior to 1.0.16

Description The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This means that an attacker could potentially inject malicious scripts into the website, which would then be executed by the user's browser.

Recommendations For versions prior to 1.0.16, update to version 1.0.16 or later to resolve the issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2023-28792

Produtos afetados

Continuous Image Carousel With Lightbox

PT-2023-21968 · I Thirteen Web Solution · Continuous Image Carousel With Lightbox

CVE-2023-28792

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3