VYPR
Unrated severityNVD Advisory· Published Dec 31, 2013· Updated Jun 17, 2026

CVE-2013-7241

CVE-2013-7241

Description

Cross-site scripting (XSS) vulnerability in the export function in zp-core/zp-extensions/mergedRSS.php in Zenphoto before 1.4.5.4 allows remote attackers to inject arbitrary web script or HTML via the URI.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Zenphoto/Zenphoto5 versions
    cpe:2.3:a:zenphoto:zenphoto:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:zenphoto:zenphoto:*:*:*:*:*:*:*:*range: <=1.4.5.3
    • cpe:2.3:a:zenphoto:zenphoto:1.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:zenphoto:zenphoto:1.4.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:zenphoto:zenphoto:1.4.5.2:*:*:*:*:*:*:*
    • (no CPE)range: <1.4.5.4

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.