3 matches found
CVE-2022-48007
A stored cross-site scripting XSS vulnerability in identification.php of Piwigo v13.4.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User-Agent...
CVE-2022-48007
A stored cross-site scripting XSS vulnerability in identification.php of Piwigo v13.4.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the User-Agent...
CVE-2022-48007
CVE-2022-48007 affects Piwigo, specifically a stored XSS in the identification.php component of Piwigo v13.4.0. The vulnerability exists when a crafted payload is injected into the User-Agent, enabling execution of arbitrary web scripts/HTML in a victim’s browser under the context of the affected...