CVE-2024-29832

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.1%
top 67.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
10web Photo Gallery10web Photogallery
Timeline
PublishedMar 26

Description

The current_url parameter of the AJAX call to the GalleryBox action of admin-ajax.php is vulnerable to reflected Cross Site Scripting. The value of the current_url parameter is embedded within an existing JavaScript within the response allowing arbitrary JavaScript to be inserted and executed. No authentication is required to exploit this issue. Note that other parameters within a AJAX call, such as image_id, must be valid for this vulnerability to be successfully exploited.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

NVD10web/photo_gallery< 1.8.22
CVEListV510web/photogallery1.0.11.8.21

🔴Vulnerability Details

2
GHSA
GHSA-mq4p-h73v-pvm2: The current_url parameter of the AJAX call to the GalleryBox action of admin-ajax2024-03-26
CVEList
WordPress Photo Gallery Plugin <= 1.8.21 Unauthenticated Reflected Cross Site Scripting in GalleryBox current_url2024-03-26
CVE-2024-29832 (MEDIUM CVSS 6.1) | The current_url parameter of the AJ | cvebase.io