4 matches found
CVE-2014-1980
Cross-site scripting XSS vulnerability in include/functionsmetadata.inc.php in Piwigo before 2.4.6 allows remote attackers to inject arbitrary web script or HTML via the Make field in IPTC Exif metadata within an image uploaded to the Community plugin...
CVE-2014-1980
Cross-site scripting XSS vulnerability in include/functionsmetadata.inc.php in Piwigo before 2.4.6 allows remote attackers to inject arbitrary web script or HTML via the Make field in IPTC Exif metadata within an image uploaded to the Community plugin...
CVE-2014-1980
Cross-site scripting XSS vulnerability in include/functionsmetadata.inc.php in Piwigo before 2.4.6 allows remote attackers to inject arbitrary web script or HTML via the Make field in IPTC Exif metadata within an image uploaded to the Community plugin...
CVE-2014-1980
The CVE-2014-1980 issue is a cross-site scripting (XSS) vulnerability in Piwigo prior to version 2.4.6. It affects the code path include/functions_metadata.inc.php when processing IPTC Exif metadata via the Community plugin during image uploads. Remote attackers could inject arbitrary web script ...