CVE-2025-23889

Name of the Vulnerable Software and Affected Versions FooGallery Captions versions 1.0.2 and earlier

Description The issue is related to improper neutralization of input during web page generation, which allows reflected cross-site scripting (XSS). This enables attackers to inject malicious scripts. The estimated number of potentially affected devices is not provided, and there is no information about real-world incidents where this issue was exploited.

Recommendations For FooGallery Captions versions 1.0.2 and earlier, update immediately to prevent attacks. As a temporary workaround, consider restricting access to potentially vulnerable API endpoints or disabling any features that may be used to inject malicious scripts until a patch is available.