Description
url_check_format in include/functions.inc.php in Piwigo before 2.8.3 allows remote attackers to bypass intended access restrictions via a URL that contains a " character, or a URL beginning with a substring other than the http:// or https:// substring.
Remediation
References
Related Vulnerabilities
WordPress Plugin Donation Block For PayPal Unspecified Vulnerability (1.0.0)
Ruby on Rails Data Processing Errors Vulnerability (CVE-2014-3916)
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2022-2048)
Oracle JRE CVE-2012-0497 Vulnerability (CVE-2012-0497)
Magento Insufficient Verification of Data Authenticity Vulnerability (CVE-2019-8124)