CVE-2025-69084

Name of the Vulnerable Software and Affected Versions GT3 themes Photo Gallery versions through 2.7.7.26

Description A Reflected Cross-site Scripting (XSS) issue exists in GT3 themes Photo Gallery. This allows for improper neutralization of input during web page generation. The issue involves the potential for malicious code injection through a web page, potentially impacting users. The vulnerable component is susceptible to attacks where an attacker can inject malicious scripts into a web page viewed by other users. The attack vector involves manipulating input data that is then displayed on a web page without proper sanitization. The API endpoint and vulnerable parameters are not specified.

Recommendations Update GT3 themes Photo Gallery to a version later than 2.7.7.26.