Description
Cross-site scripting (XSS) vulnerability in the export function in zp-core/zp-extensions/mergedRSS.php in Zenphoto before 1.4.5.4 allows remote attackers to inject arbitrary web script or HTML via the URI.
Remediation
References
Related Vulnerabilities
Joomla CVE-2012-0819 Vulnerability (CVE-2012-0819)
Django Inefficient Algorithmic Complexity Vulnerability (CVE-2025-14550)
WordPress Plugin Ruven Toolkit Cross-Site Scripting (1.1)
MySQL CVE-2017-3244 Vulnerability (CVE-2017-3244)
WordPress Plugin Multi Step Form Multiple Cross-Site Scripting Vulnerabilities (1.2.5)