CVE-2017-10679

2017-06-29T17:29:00
ID CVE-2017-10679
Type cve
Reporter NVD
Modified 2017-07-05T21:29:00

Description

Piwigo through 2.9.1 allows remote attackers to obtain sensitive information about the descriptive name of a permalink by examining the redirect URL that is returned in a request for the permalink ID number of a private album. The permalink ID numbers are easily guessed.