CVE-2017-5608

Опубликовано: 28 янв. 2017

Источник: ubuntu

Приоритет: medium

CVSS2: 4.3

CVSS3: 6.1

Описание

Cross-site scripting (XSS) vulnerability in the image upload function in Piwigo before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via a crafted image filename.

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
precise/esm	DNE	precise was needed
trusty	DNE
trusty/esm	DNE
upstream	released	2.8.6
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	DNE

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2017-5608

CVSS3: 6.1

nvd

около 9 лет назад

Cross-site scripting (XSS) vulnerability in the image upload function in Piwigo before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via a crafted image filename.

CVE-2017-5608

CVSS3: 6.1

debian

около 9 лет назад

Cross-site scripting (XSS) vulnerability in the image upload function ...

GHSA-qg2c-j2gc-cjp5

CVSS3: 6.1

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in the image upload function in Piwigo before 2.8.6 allows remote attackers to inject arbitrary web script or HTML via a crafted image filename.

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2017-5608

Описание

Пакет piwigo

Ссылки на источники

Связанные уязвимости