CVE-2017-5608

Опубликовано: 28 янв. 2017

Источник: debian

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the image upload function in Piwigo before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via a crafted image filename.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
piwigo	removed			package

EPSS

Процентиль: 71%

0.00697

Низкий

Связанные уязвимости

CVE-2017-5608

CVSS3: 6.1

ubuntu

около 9 лет назад

Cross-site scripting (XSS) vulnerability in the image upload function in Piwigo before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via a crafted image filename.

CVE-2017-5608

CVSS3: 6.1

nvd

около 9 лет назад

Cross-site scripting (XSS) vulnerability in the image upload function in Piwigo before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via a crafted image filename.

GHSA-qg2c-j2gc-cjp5

CVSS3: 6.1

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in the image upload function in Piwigo before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via a crafted image filename.

EPSS

Процентиль: 71%

0.00697

Низкий