Vulnerabilities

CVE-2017-17827

by Fred · 20/12/2017

Piwigo 2.9.2 is vulnerable to Cross-Site Request Forgery via /admin.php?page=configuration&section=main or /admin.php?page=batch_manager&mode=unit. An attacker can exploit this to coerce an admin user into performing unintended actions.

Date published : 2017-12-20

https://github.com/Piwigo/Piwigo/commit/c3b4c6f7f0ddeaea492080fb8211d7b4cfedaf6f

https://github.com/Piwigo/Piwigo/issues/822

Similar

Tags: Cybersecurity Alert