CVE-2018-7722
Piwigo 2.9.3 is affected by CVE-2018-7722 (and related CVEs) where stored XSS is triggered via the name parameter in a /ws.php?format=json request on the management panel. The underlying issue is a stored XSS flaw in the web interface that could be exploited by crafted input to execute script in ...