Christian Bajada

**Name of the Vulnerable Software and Affected Versions** Gibbon Core version 26.0.00 **Description** A cross-site scripting (XSS) issue allows an attacker to execute arbitrary code via the `imageLink` parameter in the `library manage catalog editProcess.php` component. This could potentially lead to unauthorized actions on the affected system. **Recommendations** For Gibbon Core version 26.0.00, consider restricting access to the `library manage catalog editProcess.php` component until a patch is available, and avoid using the `imageLink` parameter in this component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.