Description

Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors.

Remediation

References

CVE-2020-5592

Related Vulnerabilities

WordPress Plugin Flip Book 'php.php' Arbitrary File Upload (1.0)

PHP Other Vulnerability (CVE-2005-1043)

WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups Multiple Vulnerabilities (3.63)

WordPress Plugin Responsive Owl Carousel for Elementor Local File Inclusion (1.2.0)

TYPO3 Resource Management Errors Vulnerability (CVE-2013-1843)

Severity

Medium

Classification

CVE-2020-5592 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities