cvedb.io
CVE-2017-16356
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2018-02-20T15:29:00.303 · Last modified 2026-06-17T01:09:14.200

Summary

Reflected XSS in Kubik-Rubik SIGE (aka Simple Image Gallery Extended) before 3.3.0 allows attackers to execute JavaScript in a victim's browser by having them visit a plugins/content/sige/plugin_sige/print.php link with a crafted img, name, or caption parameter.

Affected products

kubik-rubik — simple_image_gallery_extended

Does this affect you?

Add your gear to cvedb and we'll alert you only when kubik-rubik ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.