CVE-2024-22639

Name of the Vulnerable Software and Affected Versions iGalerie version 3.0.22

Description The issue is related to a reflected cross-site scripting (XSS) vulnerability. This vulnerability occurs via the Titre (Title) field in the editing interface. Cross-site scripting (XSS) is a type of security vulnerability that allows an attacker to inject malicious scripts into a website, potentially leading to unauthorized access or control of user sessions.

Recommendations For iGalerie version 3.0.22, consider disabling the editing interface or restricting access to the Titre (Title) field until a patch is available. As a temporary workaround, avoid using the Titre field in the editing interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.