2 matches found
CVE-2017-10680
Cross-site request forgery CSRF vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to change a private album to public via a crafted request...
CVE-2017-10680
CVE-2017-10680 affects Piwigo up to version 2.9.1. The vulnerability is a Cross-Site Request Forgery (CSRF) that allows remote attackers to hijack user authentication and change a private album to public via a crafted request. The issue stems from insufficient CSRF protections in Piwigo before or...