CVE-2024-29095 — Cross-site Scripting in Labs Site Reviews

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

—N/A

No vector

EPSS

0.1%

top 68.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gemini Labs Site Reviews

Timeline

PublishedMar 19

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gemini Labs Site Reviews site-reviews.This issue affects Site Reviews: from n/a through <= 6.11.6.

Affected Packages1 packages

▶CVEListV5gemini_labs/site_reviews6.11.6

🔴Vulnerability Details

GHSA

GHSA-c65x-frp2-5rxx: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Ryley Site Reviews allows Stored XSS↗2024-03-19

▶

CVEList

WordPress Site Reviews plugin <= 6.11.6 - Cross Site Scripting (XSS) vulnerability↗2024-03-19

▶