Share:

CVE-2020-9467 - Piwigo Piwigo

March 27, 2020

Moderate 5.4

Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function.

Affected software

Piwigo Piwigo

Reference links

https://github.com/Piwigo/Piwigo/issues/1168

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.