8 matches found
CVE-2023-53915
Zenphoto 1.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting HTML content into album descriptions. Attackers can create albums with malicious iframe or script tags in the description field that execute when users vi...
EUVD-2023-60215
Zenphoto 1.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting HTML content into album descriptions. Attackers can create albums with malicious iframe or script tags in the description field that execute when users vi...
CVE-2023-53915
Zenphoto 1.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting HTML content into album descriptions. Attackers can create albums with malicious iframe or script tags in the description field that execute when users vi...
CVE-2023-53915
Zenphoto 1.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting HTML content into album descriptions. Attackers can create albums with malicious iframe or script tags in the description field that execute when users vi...
CVE-2023-53915 Zenphoto 1.6 Stored Cross-Site Scripting via Album Description
Zenphoto 1.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting HTML content into album descriptions. Attackers can create albums with malicious iframe or script tags in the description field that execute when users vi...
CVE-2023-53915
Zenphoto 1.6 is affected by a stored cross-site scripting (XSS) vulnerability in album descriptions. The issue allows an authenticated attacker to insert HTML content (e.g., iframe or script tags) in album descriptions, which can execute when users view the affected album page. Public references ...
CVE-2023-53915 Zenphoto 1.6 Stored Cross-Site Scripting via Album Description
Zenphoto 1.6 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting HTML content into album descriptions. Attackers can create albums with malicious iframe or script tags in the description field that execute when users vi...
PT-2025-51953
Name of the Vulnerable Software and Affected Versions Zenphoto version 1.6 Description An authenticated attacker can inject malicious scripts by inserting HTML content into album descriptions. Attackers can create albums with malicious iframe or script tags in the description field, which execute...