prettyPhoto
by PrettyPhoto
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-9478 | Med | 0.40 | 6.1 | 0.01 | Oct 10, 2019 | prettyPhoto before 3.1.6 has js/jquery.prettyPhoto.js XSS. | ||
| CVE-2013-6837 | 0.00 | — | 0.03 | Dec 19, 2013 | Cross-site scripting (XSS) vulnerability in the setTimeout function in js/jquery.prettyPhoto.js in prettyPhoto 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted PATH_INTO to the default URI. |
- risk 0.40cvss 6.1epss 0.01
prettyPhoto before 3.1.6 has js/jquery.prettyPhoto.js XSS.
- CVE-2013-6837Dec 19, 2013risk 0.00cvss —epss 0.03
Cross-site scripting (XSS) vulnerability in the setTimeout function in js/jquery.prettyPhoto.js in prettyPhoto 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted PATH_INTO to the default URI.