CVE-2024-54266

Name of the Vulnerable Software and Affected Versions: ImageRecycle pdf & image compression versions prior to 3.1.17

Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting (XSS). This problem affects the compression of PDFs and images.

Recommendations: For versions prior to 3.1.17, update to version 3.1.17 or later to resolve the issue. As a temporary workaround, consider restricting access to the compression functionality until a patch is applied. Avoid using the vulnerable compression feature in ImageRecycle pdf & image compression until the issue is resolved.