Lychee@3.1.6 Security Vulnerabilities and Issues — Lychee@3.1.6 CVE List

Lucene search

LycheeorgLychee3.1.6

2 matches found

CVE•added 2024/03/22 3:15 a.m.•62 views

CVE-2024-25807

Cross Site Scripting (XSS) vulnerability in Lychee 3.1.6, allows remote attackers to execute arbitrary code and obtain sensitive information via the title parameter when creating an album.

6.1CVSS6.3AI score0.00184EPSS

CVE•added 2024/03/22 4:15 a.m.•45 views

CVE-2024-25808

Cross-site Request Forgery (CSRF) vulnerability in Lychee version 3.1.6, allows remote attackers to execute arbitrary code via the create new album function.

8.3CVSS8.2AI score0.00792EPSS