Cross-site scripting (XSS) vulnerability in admin/plugin.php in Piwigo up to and including 2.8.3 allows remote malicious users to inject arbitrary web script or HTML via a crafted filename that is mishandled in a certain error case.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
piwigo piwigo |