Description The wrapper extensions do not correctly validate inputs, leading to XSS vectors. Remediation References CVE-2024-26279 Related Vulnerabilities MySQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-5026) Magento CVE-2020-3718 Vulnerability (CVE-2020-3718) Drupal CVE-2020-13665 Vulnerability (CVE-2020-13665) Oracle JRE CVE-2019-2989 Vulnerability (CVE-2019-2989) Envoy Proxy Use After Free Vulnerability (CVE-2023-35943) Severity Medium Classification CVE-2024-26279 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities