cpe:/a:kubik-rubik:simple_image_gallery_extended:1.5-3::~~~joomla%21~~ cpe:/a:kubik-rubik:simple_image_gallery_extended:1.5-15::~~~joomla%21~~ cpe:/a:kubik-rubik:simple_image_gallery_extended:1.6-2::~~~joomla%21~~ cpe:/a:kubik-rubik:simple_image_gallery_extended:1.7-2::~~~joomla%21~~ cpe:/a:kubik-rubik:simple_image_gallery_extended:3.2.0::~~~joomla%21~~ CVE-2017-16356 2018-02-20T10:29:00.303-05:00 2018-03-05T10:48:15.827-05:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2018-03-05T10:41:22.053-05:00 EXPLOIT-DB 44104 MISC http://packetstormsecurity.com/files/146422/Joomla-Kubik-Rubik-SIGE-3.2.3-Cross-Site-Scripting.html Reflected XSS in Kubik-Rubik SIGE (aka Simple Image Gallery Extended) before 3.3.0 allows attackers to execute JavaScript in a victim's browser by having them visit a plugins/content/sige/plugin_sige/print.php link with a crafted img, name, or caption parameter.