CVE-2018-7723
CVE-2018-7723 affects Piwigo 2.9.3: a stored XSS in the admin panel via the virtual_name parameter in /admin.php?page=cat_list (distinct from CVE-2017-9836). The description notes CSRF exploitation may be possible, related to CVE-2017-10681. CVSS vectors are provided (3.5/LOW for CVSS2, 5.4/MEDIU...