CVE-2024-28662 | Piwigo up to 14.2.x functions.php create_tag cross site scripting (GHSA-8g2g-6f2c-6h7j)

Posted by Angelo Barbosa | Mar 13, 2024 | CVE

A vulnerability classified as problematic was found in Piwigo up to 14.2.x. This vulnerability affects the function create_tag of the file admin/include/functions.php. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-28662. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-28662 | Piwigo up to 14.2.x functions.php create_tag cross site scripting (GHSA-8g2g-6f2c-6h7j)

Related Posts

CVE-2024-34610 | Samsung Devices ExtControlDeviceService access control

CVE-2024-25770 | libming 0.4.8 listaction.c memory leak

CVE-2024-6849 | Preloader Plus Plugin up to 2.2.1 on WordPress SVG File Upload cross site scripting

CVE-2024-42371 | SAP NetWeaver Application Server for ABAP and ABAP Platform RFC Enabled Function Module authorization