2 matches found
CVE-2020-9468
The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums for which they do not have permission, by manipulating the imageid parameter...
CVE-2020-9468
The CVE-2020-9468 issue concerns the Community plugin 2.9.e-beta for Piwigo. Affected: the plugin’s image information handling, where an attacker can set image metadata on images in albums they lack permission for by manipulating the image_id parameter. Root cause appears to be a permission check...