Unrated severityNVD Advisory· Published Aug 17, 2014· Updated Jun 17, 2026
CVE-2014-3900
CVE-2014-3900
Description
Cross-site scripting (XSS) vulnerability in admin/picture_modify.php in the photo-edit subsystem in Piwigo 2.6.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the associate[] field, a different vulnerability than CVE-2014-4649.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.