VYPR
Unrated severityNVD Advisory· Published Feb 23, 2022· Updated Aug 3, 2024

CVE-2022-24620

CVE-2022-24620

Description

Piwigo version 12.2.0 is vulnerable to stored cross-site scripting (XSS), which can lead to privilege escalation. In this way, admin can steal webmaster's cookies to get the webmaster's access.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Piwigo/Piwigocpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = 12.2.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.