Description
Cross-site scripting (XSS) vulnerability in the administrative backend in Piwigo before 2.7.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter to admin.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Testimonial Slider Multiple Cross-Site Scripting Vulnerabilities (1.2.5)
HSQLDB CVE-2022-41853 Vulnerability (CVE-2022-41853)
WordPress Plugin FireStats 'firestats-wordpress.php' Remote File Include (1.6.1)
WordPress Plugin WordPress File Upload Directory Traversal (4.12.2)
WordPress Plugin Download Manager Cross-Site Scripting (3.2.52)