3 matches found
CVE-2018-7717
The htmlImageAddTitleAttribute function in sige.php in the Kubik-Rubik Simple Image Gallery Extended SIGE extension 3.2.3 for Joomla! has XSS via a crafted image header, as demonstrated by the Caption-Abstract header object in a JPEG file. This is fixed in 3.3.1...
CVE-2018-7717
The htmlImageAddTitleAttribute function in sige.php in the Kubik-Rubik Simple Image Gallery Extended SIGE extension 3.2.3 for Joomla! has XSS via a crafted image header, as demonstrated by the Caption-Abstract header object in a JPEG file. This is fixed in 3.3.1...
CVE-2018-7717
The CVE-2018-7717 vulnerability affects the Joomla! extension Kubik-Rubik Simple Image Gallery Extended (SIGE) 3.2.3, where the function htmlImageAddTitleAttribute in sige.php allows XSS via a crafted image header (Caption-Abstract header in a JPEG). The issue is exploited by manipulating image p...