CVE-2017-9452

Cross-site scripting XSS vulnerability in admin.php in Piwigo 2.9.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter...

CVE-2017-9452

Cross-site scripting XSS vulnerability in admin.php in Piwigo 2.9.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the page parameter...

CVE-2017-9452

CVE-2017-9452 describes a cross-site scripting (XSS) vulnerability in the Piwigo web photo gallery. The issue is in the admin.php handler where the parameter page can be manipulated to inject arbitrary script or HTML. Affected software: Piwigo 2.9.0 and earlier. Impact: remote attackers could exe...