Description
Cross Site Scripting (XSS) exists in Piwigo before 2.8.3 via a crafted search expression to include/functions_search.inc.php.
Remediation
References
Related Vulnerabilities
MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5615)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5296)
Oracle Application Server CVE-2008-2614 Vulnerability (CVE-2008-2614)
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2021-43824)