LycheeOrg/Lychee-v3

Releases60

Frequency1 month 1 week

Last Release almost 7 years ago

Stars940

A great looking and easy-to-use photo-management-system you can run on your server, to manage and share photos.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-43675 ↗	Dec 15, 2021Wednesday, 15 December 2021, 16:15	6.1 MEDIUM	4.3 MEDIUM
Lychee-v3 3.2.16 is affected by a Cross Site Scripting (XSS) vulnerability in php/Access/Guest.php. The function exit will terminate the script and print the message to the user. The message will contain albumID which is controlled by the user.