CVE-2026-32518

Name of the Vulnerable Software and Affected Versions imithemes Gaea versions prior to 3.8

Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-Site Scripting (XSS) issue. This allows for the execution of malicious scripts through a web page. The vulnerable component is susceptible to exploitation when processing user-supplied input without adequate sanitization. The affected API endpoint is not specified. The vulnerable parameter is not specified. The vulnerable function is not specified.

Recommendations Update imithemes Gaea to version 3.8 or later.