[FD] Multiple Cross-site Scripting Vulnerabilities in ZenPhoto 1.4.14

Daniel Bishtawi Tue, 08 Jan 2019 10:08:41 -0800

Hello,

We are glad to inform you about the vulnerabilities we reported in ZenPhoto
1.4.14.


Here are the details:

Advisory by Netsparker
Name: Multiple Cross-Site Scripting Vulnerabilities in ZenPhoto 1.4.14
Affected Software: ZenPhoto
Affected Versions: 1.4.14
Homepage: http://www.zenphoto.org/
Vulnerability: Cross-Site Scripting
Severity: Medium
Status: Fixed
CVE-ID: CVE-2018-20140
CVSS Score (3.0):  CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Netsparker Advisory Reference: NS-18-043

For more information and the Technical Details:
https://www.netsparker.com/web-applications-advisories/ns-18-043-cross-site-scripting-in-zenphoto/

Regards,

Daniel Bishtawi
Marketing Administrator | Netsparker Web Application Security Scanner
Tel: +44 (0)20 3588 3843
Follow us on Twitter <https://twitter.com/netsparker> | LinkedIn
<https://www.linkedin.com/company/netsparker-ltd> | Facebook
<https://facebook.com/netsparker>

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

[FD] Multiple Cross-site Scripting Vulnerabilities in ZenPhoto 1.4.14

Reply via email to