CVE-2024-25807

Cross Site Scripting (XSS) vulnerability in Lychee 3.1.6, allows remote attackers to execute arbitrary code and obtain sensitive information via the title parameter when creating an album. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt