Multiple cross-site scripting (XSS) vulnerabilities in register.php in Piwigo 2.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) login and (2) mail_address parameters.
Software | From | Fixed in |
---|---|---|
piwigo / piwigo | - | 2.0.9.x |
piwigo / piwigo | 1.0.0 | 1.0.0.x |
piwigo / piwigo | 1.0.1 | 1.0.1.x |
piwigo / piwigo | 1.0.2 | 1.0.2.x |
piwigo / piwigo | 1.1.0 | 1.1.0.x |
piwigo / piwigo | 1.2.0 | 1.2.0.x |
piwigo / piwigo | 1.2.1 | 1.2.1.x |
piwigo / piwigo | 1.3.0 | 1.3.0.x |
piwigo / piwigo | 1.3.1 | 1.3.1.x |
piwigo / piwigo | 1.3.2 | 1.3.2.x |
piwigo / piwigo | 1.3.3 | 1.3.3.x |
piwigo / piwigo | 1.3.4 | 1.3.4.x |
piwigo / piwigo | 1.4.0 | 1.4.0.x |
piwigo / piwigo | 1.4.1 | 1.4.1.x |
piwigo / piwigo | 1.5.0 | 1.5.0.x |
piwigo / piwigo | 1.5.1 | 1.5.1.x |
piwigo / piwigo | 1.5.2 | 1.5.2.x |
piwigo / piwigo | 1.6.0 | 1.6.0.x |
piwigo / piwigo | 1.6.1 | 1.6.1.x |
piwigo / piwigo | 1.6.2 | 1.6.2.x |
piwigo / piwigo | 1.7.0 | 1.7.0.x |
piwigo / piwigo | 1.7.1 | 1.7.1.x |
piwigo / piwigo | 1.7.2 | 1.7.2.x |
piwigo / piwigo | 1.7.3 | 1.7.3.x |
piwigo / piwigo | 2.0.0 | 2.0.0.x |
piwigo / piwigo | 2.0.1 | 2.0.1.x |
piwigo / piwigo | 2.0.2 | 2.0.2.x |
piwigo / piwigo | 2.0.3 | 2.0.3.x |
piwigo / piwigo | 2.0.4 | 2.0.4.x |
piwigo / piwigo | 2.0.5 | 2.0.5.x |
piwigo / piwigo | 2.0.6 | 2.0.6.x |
piwigo / piwigo | 2.0.7 | 2.0.7.x |
piwigo / piwigo | 2.0.8 | 2.0.8.x |