Description
In Piwigo 11.5.0, there exists a persistent cross-site scripting in the single mode function through /admin.php?page=batch_manager&mode=unit.
Remediation
References
Related Vulnerabilities
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.5)
WordPress Plugin Virtual Robots.txt Cross-Site Scripting (1.9)
Zope Web Application Server Other Vulnerability (CVE-2000-0725)
XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-46242)
WordPress Plugin WordPress Download Manager Cross-Site Request Forgery (2.9.60)