CVE-2024-29123

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

6.1MEDIUM

EPSS

0.2%

top 61.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Ylefebvre Link Library Yannick Lefebvre Link Library

Timeline

PublishedMar 19

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Reflected XSS.This issue affects Link Library: from n/a through 7.6.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.7

Affected Packages2 packages

▶CVEListV5yannick_lefebvre/link_libraryn/a — 7.6

▶NVDylefebvre/link_library< 7.6.1

🔴Vulnerability Details

GHSA

GHSA-wv6g-f8q7-v8cx: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Reflected X↗2024-03-19

▶

CVEList

WordPress Link Library plugin <= 7.6 - Reflected Cross Site Scripting (XSS) vulnerability↗2024-03-19

▶