Unrated severityNVD Advisory· Published Feb 20, 2018· Updated Aug 5, 2024

CVE-2017-16356

Description

Reflected XSS in Kubik-Rubik SIGE (aka Simple Image Gallery Extended) before 3.3.0 allows attackers to execute JavaScript in a victim's browser by having them visit a plugins/content/sige/plugin_sige/print.php link with a crafted img, name, or caption parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

WordPress/Simple Image Gallery Extendedinferred
Range: <3.3.0
Package: https://wordpress.org/plugins/simple-image-gallery-extended
Kubik Rubik/Joomla Image Gallery Extendedllm-fuzzy
Range: <3.3.0

Patches

Vulnerability mechanics

References

www.exploit-db.com/exploits/44104/mitreexploitx_refsource_EXPLOIT-DB
packetstormsecurity.com/files/146422/Joomla-Kubik-Rubik-SIGE-3.2.3-Cross-Site-Scripting.htmlmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000