WEB APPLICATION VULNERABILITIES Standard & Premium

Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-22150)

Description

A cross site scripting (XSS) vulnerability in /admin.php?page=permalinks of Piwigo 2.10.1 allows attackers to execute arbitrary web scripts or HTML.

Remediation

References

Related Vulnerabilities

WordPress Plugin Calendar Event Multi View Multiple SQL Injection Vulnerabilities (1.1.7)

WordPress Plugin Add Link to Facebook Cross-Site Scripting (2.3)

Joomla Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2023-23755)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-7987)

Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8420)

Severity

Medium

Classification

CVE-2020-22150 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities