WEB APPLICATION VULNERABILITIES Standard & Premium

Piwigo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-40882)

Description

A Cross Site Scripting (XSS) vulnerability exists in Piwigo 11.5.0 via the system album name and description of the location.

Remediation

References

Related Vulnerabilities

Moodle Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2024-48896)

Apache Traffic Server Remote DOS Attack (CVE-2021-27737)

Apache Tomcat directory host Appbase authentication bypass vulnerability

Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5306)

Apache HTTP Server Resource Management Errors Vulnerability (CVE-2005-3357)

Severity

Medium

Classification

CVE-2021-40882 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities