NuytsTech Security

CVE-2020-9467

by ·

Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function.

Date published : 2020-03-26

https://github.com/Piwigo/Piwigo/issues/1168

http://packetstormsecurity.com/files/159191/Piwigo-2.10.1-Cross-Site-Scripting.html

Tags: