2 matches found
CVE-2024-25808
Cross-site Request Forgery CSRF vulnerability in Lychee version 3.1.6, allows remote attackers to execute arbitrary code via the create new album function...
PT-2024-21140 · Lychee · Lychee
Name of the Vulnerable Software and Affected Versions: Lychee version 3.1.6 Description: The issue allows remote attackers to execute arbitrary code and obtain sensitive information via the title parameter when creating an album. This is a Cross Site Scripting XSS issue. Recommendations: For Lych...