Cross-Site Scripting Vulnerability in ZenPhoto by ZenPhoto Team
CVE-2015-2949

Currently unrated

Key Information:

Vendor

Zenphoto

Status
Zenphoto
Vendor
CVE Published:
31 May 2015

What is CVE-2015-2949?

A cross-site scripting (XSS) vulnerability exists in ZenPhoto versions 1.1.3 and earlier, which allows remote attackers to inject arbitrary web scripts or HTML through unspecified vectors. This flaw can be exploited to execute malicious scripts in the context of the user's session, potentially leading to unauthorized actions or the exposure of sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://jvn.jp/en/jp/JVN51176150/index.html
third-party-advisoryx_refsource_JVN
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000071
third-party-advisoryx_refsource_JVNDB
http://www.securityfocus.com/bid/74889
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.