Description

Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to unlock albums via a crafted request.

Remediation

References

CVE-2017-10681

Related Vulnerabilities

Joomla! Core Cross-Site Scripting (1.6.0 - 3.6.0)

Apache Tomcat Improper Authentication Vulnerability (CVE-2012-5886)

WordPress Plugin Chained Quiz Cross-Site Scripting (1.2.7)

MySQL CVE-2020-14794 Vulnerability (CVE-2020-14794)

Envoy Proxy Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-27493)

Severity

High

Classification

CVE-2017-10681 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities