Description
Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter.
Remediation
References
Related Vulnerabilities
Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8166)
MySQL CVE-2019-2534 Vulnerability (CVE-2019-2534)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-5113)
Apache read beyond bounds via ap_rwrite() Vulnerability (CVE-2022-28614)
MySQL NULL Pointer Dereference Vulnerability (CVE-2020-1967)