CVE-2016-9751

Cross-site scripting (XSS) vulnerability in the search results front end in Piwigo 2.8.3 allows remote attackers to inject arbitrary web script or HTML via the search parameter.
References
Link Resource
http://www.securityfocus.com/bid/94637 Third Party Advisory VDB Entry
https://github.com/Piwigo/Piwigo/issues/559 Issue Tracking Patch Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:piwigo:piwigo:2.8.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-12-01 11:59

Updated : 2024-02-04 19:11


NVD link : CVE-2016-9751

Mitre link : CVE-2016-9751

CVE.ORG link : CVE-2016-9751


JSON object : View

Products Affected

piwigo

  • piwigo
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')