CVE-2016-10513

CVE-2016-10513

EPSS 0.9%

Cross Site Scripting (XSS) exists in Piwigo before 2.8.3 via a crafted search expression to include/functions_search.inc.php.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://piwigo.org/releases/2.8.3 https://github.com/Piwigo/Piwigo/commit/9a93d1f44b06605af84520509e7a0e8b64ab0c05 https://github.com/Piwigo/Piwigo/issues/548