Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 716626 - www-apps/piwigo: Unspecified vulnerability (CVE-2020-9467)
Summary: www-apps/piwigo: Unspecified vulnerability (CVE-2020-9467)
Status: RESOLVED DUPLICATE of bug 714926
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL:
Whiteboard: B4 [cleanup cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-04-08 00:29 UTC by GLSAMaker/CVETool Bot
Modified: 2020-04-08 00:31 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2020-04-08 00:29:22 UTC 
CVE-2020-9467 (https://nvd.nist.gov/vuln/detail/CVE-2020-9467):
  Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request
  because of the pwg.images.setInfo function.


This is being filed to close, no vulnerable version in tree.
Comment 1 Yury German Gentoo Infrastructure gentoo-dev 2020-04-08 00:31:49 UTC 

*** This bug has been marked as a duplicate of bug 714926 ***