CVE-2018-7724
CVE-2018-7724
The management panel in Piwigo 2.9.3 has stored XSS via the name parameter in a /admin.php?page=photo-${photo_number} request. CSRF exploitation, related to CVE-2017-10681, may be possible.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →