4images Image Gallery Management System 1.7.11 is affected by cross-site scripting (XSS) in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie according to the crafted payload.
{ "cpes": [ "cpe:2.3:a:4homepages:4images:1.7.11:*:*:*:*:*:*:*", "cpe:2.3:a:4homepages:4images:*:*:*:*:*:*:*:*" ], "severity": "Medium" }