CVE-2015-9229

Published September 12th, 2017

View on NVD ↗

CVSS v3

4.8

MEDIUM

CVSS v2

3.5

LOW

Affected

PROJECT

Description

In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images[1][alttext] parameter.

cybersecurityworks/Disclosed

Disclosing Bugs

GitHub