Cross-Site Scripting Vulnerability in Coppermine Photo Gallery
CVE-2012-1613

Currently unrated

Key Information:

Vendor: Coppermine-gallery
Status: Coppermine Photo Gallery
Vendor: CVE Published:; 4 September 2012

🔔 Create Coppermine-gallery Vulnerability Alert

What is CVE-2012-1613?

The vulnerability in the edit_one_pic.php file of Coppermine Photo Gallery prior to version 1.5.20 allows remote authenticated users with specific privileges to execute arbitrary web scripts or HTML by injecting malicious content via the keywords parameter. This issue opens pathways for attackers to compromise user sessions or redirect users to malicious sites without requiring them to have the highest level of access.

References

http://archives.neohapsis.com/archives/bugtraq/2012-03/01...

mailing-listx_refsource_BUGTRAQ

http://www.waraxe.us/advisory-81.html

x_refsource_MISC

http://osvdb.org/80731

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 4, 2012

JSON