First published: Sat Jul 20 2024(Updated: )
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library allows Reflected XSS.This issue affects Link Library: from n/a through 7.7.1.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Yannick Lefebvre Link Library | >=n/a<7.7.1 | |
Ylefebvre Link Library | <=7.7.1 | |
Ylefebvre Link Library | <7.7.2 |
Update to 7.7.2 or a higher version.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-38711 is classified as a medium severity vulnerability due to its potential for reflected cross-site scripting attacks.
To mitigate CVE-2024-38711, update the Yannick Lefebvre Link Library to version 7.7.2 or later.
CVE-2024-38711 can facilitate reflected cross-site scripting (XSS) attacks, allowing an attacker to inject malicious scripts.
CVE-2024-38711 affects the Yannick Lefebvre Link Library from n/a through version 7.7.1.
Yes, CVE-2024-38711 also affects the WordPress Link Library plugin, specifically versions up to 7.7.1.