Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-13363

Опубликовано: 13 сент. 2019
Источник: debian
EPSS Низкий

Описание

admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content, nbm_complementary_mail_content, nbm_send_recent_post_dates, or param_submit parameter. This is exploitable via CSRF.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
piwigoremovedpackage

EPSS

Процентиль: 53%
0.003
Низкий

Связанные уязвимости

nvd логотип

CVE-2019-13363

CVSS3: 9.6
nvd
больше 6 лет назад

admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content, nbm_complementary_mail_content, nbm_send_recent_post_dates, or param_submit parameter. This is exploitable via CSRF.

github логотип

GHSA-f7q4-mhgv-m69x

CVSS3: 9.6
github
больше 3 лет назад

admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content, nbm_complementary_mail_content, nbm_send_recent_post_dates, or param_submit parameter. This is exploitable via CSRF.

EPSS

Процентиль: 53%
0.003
Низкий