Description

Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter.

Remediation

References

CVE-2015-3921

Related Vulnerabilities

WordPress Plugin Amazon JS Cross-Site Scripting (0.10)

WordPress Plugin WP Photo Album Plus Cross-Site Scripting (4.9.2)

WordPress Plugin WordPress Survey & Poll-Quiz, Survey and Poll PHP Object Injection (1.5.5)

MySQL CVE-2017-10384 Vulnerability (CVE-2017-10384)

PHP CVE-2012-1823 Vulnerability (CVE-2012-1823)

Severity

Low

Classification

CVE-2015-3921

Tags

Missing Update Known Vulnerabilities