Impact
The vulnerability allowed to execute JavaScript code by abusing link href attribute. It affects all users using the Open Link plugin at version < 1.0.5.
Patches
The problem has been recognized and patched. The fix is available starting with version 1.0.5.
Acknowledgements
I would like to thank Anurag Mondal for recognizing and reporting this vulnerability.
References: https://github.com/7Ragnarok7/CVE-2024-37888/blob/main/README.md
Impact
The vulnerability allowed to execute JavaScript code by abusing link href attribute. It affects all users using the Open Link plugin at version < 1.0.5.
Patches
The problem has been recognized and patched. The fix is available starting with version 1.0.5.
Acknowledgements
I would like to thank Anurag Mondal for recognizing and reporting this vulnerability.
References: https://github.com/7Ragnarok7/CVE-2024-37888/blob/main/README.md