Unrated severityNVD Advisory· Published May 27, 2015· Updated Jun 17, 2026
CVE-2015-3921
CVE-2015-3921
Description
Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter.
Affected products
2cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:*:*:*:*:*:*:*:*range: <=1.5.34
- (no CPE)range: <1.5.36
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.