CVE List

CVE-2022-24620

Moderate 5.4

Piwigo version 12.2.0 is vulnerable to stored cross-site scripting (XSS), which can lead to privilege escalation. In this way, admin can steal webmaster's cookies to get the webmaster's access.

Published February 24, 2022.

Affected software

Get alerts for Piwigo Piwigo

Reference links