Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 716626

Summary: www-apps/piwigo: Unspecified vulnerability (CVE-2020-9467)
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: minor    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B4 [cleanup cve]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2020-04-08 00:29:22 UTC 
CVE-2020-9467 (https://nvd.nist.gov/vuln/detail/CVE-2020-9467):
  Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request
  because of the pwg.images.setInfo function.


This is being filed to close, no vulnerable version in tree.
Comment 1 Yury German Gentoo Infrastructure gentoo-dev 2020-04-08 00:31:49 UTC 

*** This bug has been marked as a duplicate of bug 714926 ***