Description

Cross-site scripting (XSS) vulnerability in the image processor in Zenphoto before 1.4.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2015-2948

Related Vulnerabilities

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3747)

WordPress Plugin Simple visitor stat Cross-Site Scripting (1.0)

WordPress Plugin Responsive WordPress Slider Cross-Site Scripting (2.2.0)

WordPress Plugin WordPress Firewall 2 Multiple Vulnerabilities (1.3)

Oracle Database Server CVE-2015-0457 Vulnerability (CVE-2015-0457)

Severity

Medium

Classification

CVE-2015-2948 CWE-707

Tags

Missing Update Known Vulnerabilities