CVE-2023-33359: CSRF
First published: Tue May 23 2023(Updated: )
Piwigo 13.6.0 is vulnerable to Cross Site Request Forgery (CSRF) in the "add tags" function.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Piwigo Piwigo | =13.6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is Piwigo 13.6.0?
Piwigo 13.6.0 is a version of the Piwigo software.
What is Cross Site Request Forgery (CSRF)?
Cross Site Request Forgery (CSRF) is an attack where an attacker tricks a user into performing unwanted actions without their knowledge or consent.
What is the add tags function in Piwigo 13.6.0?
The add tags function in Piwigo 13.6.0 allows users to add tags to their photos.
How does the CSRF vulnerability in Piwigo 13.6.0 affect users?
The CSRF vulnerability in Piwigo 13.6.0 allows attackers to perform unwanted actions on behalf of the user, such as adding tags to their photos without their knowledge or consent.
How can users protect themselves from the CSRF vulnerability in Piwigo 13.6.0?
Users should update their Piwigo software to a version that has fixed the CSRF vulnerability or apply any available patches or fixes provided by the Piwigo team.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/piwigo
- canonical/piwigo piwigo
- version/piwigo piwigo/13.6.0