Description
Piwigo v2.8.2 has XSS via the `tab`, `to`, `section`, `mode`, `installstatus`, and `display` parameters of the `admin.php` file.
Remediation
References
Related Vulnerabilities
WordPress Plugin HDW WordPress Video Gallery Multiple Cross-Site Scripting Vulnerabilities (1.2)
WordPress Plugin UserPro-Community and User Profile Multiple Vulnerabilities (5.1.4)
WebLogic CVE-2017-10063 Vulnerability (CVE-2017-10063)
WordPress Plugin Adminer Security Bypass (1.4.5)
WordPress Plugin WP Mail Logging Cross-Site Scripting (1.11.1)