CVE-2017-17827

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
6.8
MEDIUM
Affected
2
PROJECTS

Description

Piwigo 2.9.2 is vulnerable to Cross-Site Request Forgery via /admin.php?page=configuration&section=main or /admin.php?page=batch_manager&mode=unit. An attacker can exploit this to coerce an admin user into performing unintended actions.

Piwigo/Piwigo
Piwigo/Piwigo
Manage your photos with Piwigo, a full featured open source photo gallery application for the web. Star us on Github! More than 200 plugins and themes available. Join us and contribute!
GitHubGitHub
3.8K
sahildhar/sahildhar.github.io
sahildhar/sahildhar.github.io
I share my vulnerability research findings and methodologies here :)
GitHubGitHub
1