Vulnerability Details CVE-2018-14478
ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.7%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://forum.coppermine-gallery.net/index.php/board%2C58.0.html
- http://packetstormsecurity.com/files/151306/Coppermine-1.5.46-Cross-Site-Scripting.html
- http://forum.coppermine-gallery.net/index.php/board%2C58.0.html
- http://packetstormsecurity.com/files/151306/Coppermine-1.5.46-Cross-Site-Scripting.html
Products affected by CVE-2018-14478
-
cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.5.46