CVE-2024-47623 is a stored Cross-site Scripting (XSS) vulnerability found in the Gallery Lightbox plugin developed by GhozyLab, affecting all versions up to and including 1.0.0.39. The vulnerability stems from improper neutralization of user-supplied input during the generation of web pages, which allows malicious scripts to be injected and stored persistently within the application. When a victim accesses the affected page, the malicious script executes in their browser context, potentially allowing attackers to steal session cookies, perform actions on behalf of the user, deface web content, or deliver further malware payloads. The vulnerability does not require authentication or user interaction beyond visiting a compromised page, increasing its exploitation potential. No CVSS score has been assigned yet, and no public exploits have been reported. The issue was reserved on September 30, 2024, and published on October 5, 2024, indicating recent disclosure. The lack of available patches at the time of reporting means affected organizations must rely on temporary mitigations such as input sanitization and output encoding. The plugin is commonly used in websites that require image galleries with lightbox features, making it a relevant target for attackers seeking to compromise web applications and their users.

The impact of CVE-2024-47623 is significant for organizations using the Gallery Lightbox plugin on their websites. Successful exploitation can lead to client-side attacks including session hijacking, theft of sensitive user information, unauthorized actions performed on behalf of users, and website defacement. This undermines the confidentiality and integrity of user data and can damage organizational reputation. Additionally, attackers may leverage the vulnerability to distribute malware or conduct phishing attacks by injecting malicious scripts. Since the vulnerability is stored XSS, the malicious payload persists on the server, increasing the risk of repeated exploitation. The ease of exploitation without authentication or user interaction broadens the scope of affected systems, potentially impacting any website using the vulnerable plugin. This can lead to regulatory compliance issues, loss of customer trust, and financial losses due to remediation and incident response efforts.

To mitigate CVE-2024-47623, organizations should prioritize updating the Gallery Lightbox plugin to a patched version once it becomes available from GhozyLab. Until an official patch is released, implement strict input validation on all user-supplied data fields associated with the plugin, ensuring that inputs are sanitized to remove or encode potentially malicious characters. Employ robust output encoding techniques, such as HTML entity encoding, to neutralize scripts before rendering content in browsers. Web application firewalls (WAFs) can be configured to detect and block common XSS attack patterns targeting the plugin. Additionally, conduct regular security audits and penetration testing focused on web application inputs and outputs. Educate developers and administrators about secure coding practices to prevent similar vulnerabilities. Monitoring web logs for unusual script injection attempts and user complaints can help detect exploitation attempts early. Finally, consider implementing Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers.