CVE-2021-43675

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
3
PROJECTS

Description

Lychee-v3 3.2.16 is affected by a Cross Site Scripting (XSS) vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user.

LycheeOrg/Lychee-v3
LycheeOrg/Lychee-v3
A great looking and easy-to-use photo-management-system you can run on your server, to manage and share photos.
GitHubGitHub
940
LycheeOrg/Lychee
LycheeOrg/Lychee
A great looking and easy-to-use photo-management-system you can run on your server, to manage and share photos.
GitHubGitHub
4.18K
LycheeOrg/LycheeOrg.github.io
LycheeOrg/LycheeOrg.github.io
This repository is for the LycheeOrg.github.io website and the documentation contained there. For Lychee issues please visit https://github.com/LycheeOrg/Lychee
GitHubGitHub
12