Description

Cross-site scripting (XSS) vulnerability in ZenPhoto20 1.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2015-2949

Related Vulnerabilities

WordPress Plugin Print My Blog-Print, PDF, & eBook Converter Server-Side Request Forgery (1.6.5)

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2017-17485)

MediaWiki Improper Access Control Vulnerability (CVE-2015-8001)

WordPress Plugin NextGEN Gallery-WordPress Gallery Directory Traversal (2.1.9)

Java Unspesificed Vulnerability (CVE-2018-2941)

Severity

Medium

Classification

CVE-2015-2949 CWE-707

Tags

Missing Update Known Vulnerabilities