Zenphoto Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2641)

Description

Cross-site scripting (XSS) vulnerability in Zenphoto before 1.4.3 allows remote attackers to inject arbitrary web script or HTML by triggering improper interaction with an unspecified library.

Remediation

References

CVE-2012-2641

Related Vulnerabilities

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1692)

Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-12529)

MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-2335)

WordPress Plugin Media Library Assistant PHP Object Injection (2.60)

Joomla Improper Input Validation Vulnerability (CVE-2008-4105)

Severity

Medium

Classification

CVE-2012-2641 CWE-707