CVE-2015-2034

Cross-site scripting (XSS) vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter to admin.php.

Date published : 2015-02-20

http://www.securityfocus.com/bid/72690

http://piwigo.org/forum/viewtopic.php?id=25179