CVE-2017-17826
21.12.2017, 04:29
The Configuration component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via the gallery_title parameter in an admin.php?page=configuration§ion=main request. An attacker can exploit this to hijack a client's browser along with the data stored in it.
Vendor | Product | Version |
---|---|---|
piwigo | piwigo | 2.9.2 |
𝑥
= Vulnerable software versions
References