VYPR
Unrated severityNVD Advisory· Published May 27, 2015· Updated Jun 17, 2026

CVE-2015-3921

CVE-2015-3921

Description

Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter.

Affected products

2
  • cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:*:*:*:*:*:*:*:*range: <=1.5.34
    • (no CPE)range: <1.5.36

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.