Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2018-7724 - Vulnerability Database
Piwigo

Piwigo Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2018-7724

Medium
Reference: CVE-2018-7724
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-7724
Title: Piwigo Cross-Site Request Forgery (CSRF) Vulnerability
Overview:

The management panel in Piwigo 2.9.3 has stored XSS via the name parameter in a /admin.phppagephoto-photo_number request. CSRF exploitation related to CVE-2017-10681 may be possible.