← volver
CVE-2017-10679

CVE-2017-10679

EPSS 2.5%
Piwigo through 2.9.1 allows remote attackers to obtain sensitive information about the descriptive name of a permalink by examining the redirect URL that is returned in a request for the permalink ID number of a private album. The permalink ID numbers are easily guessed.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/Piwigo/Piwigo/issues/721https://github.com/Piwigo/Piwigo/issues/723http://www.securityfocus.com/bid/99380