PT-2025-38816 · Unknown · Ghozylab Gallery Lightbox

Prissy · Published 2025-09-22 · Updated 2025-09-22 · CVE-2025-57966

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions

GhozyLab Gallery Lightbox versions through 1.0.0.41

Description

The software handles input improperly during web page creation, which leads to a stored Cross-site Scripting (XSS) issue. Malicious scripts can be injected into web pages, potentially compromising user data and system security. The affected API endpoints and vulnerable parameters are not specified.

Recommendations

Update GhozyLab Gallery Lightbox to a version later than 1.0.0.41.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2025-57966

Affected Products

Ghozylab Gallery Lightbox