Description
Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2012-0519 Vulnerability (CVE-2012-0519)
Rukovoditel Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11817)
PleskWin Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4878)
WordPress Plugin GD Star Rating 'votes' Parameter SQL Injection (1.9.8)