Description
Cross-site scripting (XSS) vulnerability in the export function in zp-core/zp-extensions/mergedRSS.php in Zenphoto before 1.4.5.4 allows remote attackers to inject arbitrary web script or HTML via the URI.
Remediation
References
Related Vulnerabilities
Jenkins CVE-2018-1000408 Vulnerability (CVE-2018-1000408)
WordPress 6.1.x Multiple Vulnerabilities (6.1 - 6.1.3)
Roundcube Unspesificed Vulnerability (CVE-2019-10740)
WordPress Plugin Premium Addons for Elementor Security Bypass (4.5.1)
Liferay Portal Origin Validation Error Vulnerability (CVE-2022-25146)