Description
Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to change a private album to public via a crafted request.
Remediation
References
Related Vulnerabilities
WordPress Plugin MetaSlider Cross-Site Scripting (3.17.1)
TYPO3 Resource Management Errors Vulnerability (CVE-2013-1843)
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4627)
Drupal Core 6.x Multiple Security Bypass Vulnerabilities (6.0 - 6.4)
Grafana Incorrect Authorization Vulnerability (CVE-2022-31107)