Vulnerability Details CVE-2012-4526
piwigo has XSS in password.php (incomplete fix for CVE-2012-4525)
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.5%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://www.openwall.com/lists/oss-security/2012/10/18/4
- http://www.openwall.com/lists/oss-security/2013/02/11/1
- http://www.securityfocus.com/bid/55710
- https://access.redhat.com/security/cve/cve-2012-4526
- https://security-tracker.debian.org/tracker/CVE-2012-4526
- http://www.openwall.com/lists/oss-security/2012/10/18/4
- http://www.openwall.com/lists/oss-security/2013/02/11/1
- http://www.securityfocus.com/bid/55710
- https://access.redhat.com/security/cve/cve-2012-4526
- https://security-tracker.debian.org/tracker/CVE-2012-4526
Products affected by CVE-2012-4526
-
cpe:2.3:a:piwigo:piwigo:2.3.1
-
cpe:2.3:a:piwigo:piwigo:2.4.0
-
cpe:2.3:a:piwigo:piwigo:2.4.1
-
cpe:2.3:a:piwigo:piwigo:2.4.2
-
cpe:2.3:a:piwigo:piwigo:2.4.3