LibrePhotos/librephotos

Releases2

Frequency8 months 2 weeks

Last Release over 7 years ago

Stars7.99K

A self-hosted open source photo management service.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-53617 ↗	Dec 2, 2024Monday, 2 December 2024, 19:15	4.8 MEDIUM	—
A Cross Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to takeover any account via uploading an HTML file on behalf of the admin user using IDOR in file upload.
CVE-2023-22903 ↗	Jan 10, 2023Tuesday, 10 January 2023, 06:15	9.8 CRITICAL	—
api/views/user.py in LibrePhotos before e19e539 has incorrect access control.