First published: Thu Feb 08 2024(Updated: )
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Reflected XSS.This issue affects Link Library: from n/a through 7.5.13.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Ylefebvre Link Library | <=7.5.13 |
Update to 7.6 or a higher version.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-24879 is classified as a moderate severity vulnerability due to its potential for reflected cross-site scripting (XSS) attacks.
To fix CVE-2024-24879, update the Link Library plugin to version 7.5.14 or higher.
CVE-2024-24879 affects all versions of Link Library plugin from its release up to version 7.5.13.
CVE-2024-24879 allows for reflected XSS attacks, which can enable attackers to execute malicious scripts in the context of the user's browser.
Cross-site Scripting in the context of CVE-2024-24879 refers to the improper neutralization of input during web page generation that could allow an attacker to inject and execute scripts.