XSS Vulnerability in Coppermine Photo Gallery by Coppermine
CVE-2015-3921

Currently unrated

Key Information:

Vendor: Coppermine-gallery
Status: Coppermine Photo Gallery
Vendor: CVE Published:; 27 May 2015

🔔 Create Coppermine-gallery Vulnerability Alert

What is CVE-2015-3921?

A cross-site scripting (XSS) vulnerability exists in the contact.php file of Coppermine Photo Gallery prior to version 1.5.36. This flaw allows remote authenticated users to inject arbitrary web scripts or HTML through manipulation of the referer parameter, potentially leading to unauthorized actions or compromise of sensitive information.

References

http://packetstormsecurity.com/files/132004/Coppermine-Ga...

x_refsource_MISC

http://www.securitytracker.com/id/1032558

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/74872

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2015
Vulnerability Reserved
May 12, 2015

JSON