Vulnerability
xss in admiror gallery 5.2.0
Description
The Application does not sanitize or escape AG_responseType parameter, making it vulnerable to reflected cross-site scripting attacks (XSS) when a victim opens the malicious url sent by an attacker.
CVE-ID
CVE-2023-38045
Vendor
Admiror Design Studio
Product
Joomla Extension Admiror Gallery
Disclosure Timeline
Made Public On:
Reported On 06-07-2023
Fixed On: Not Fixed
Credits
Vishal and Siva