Vulnerability Details : CVE-2022-24620
Piwigo version 12.2.0 is vulnerable to stored cross-site scripting (XSS), which can lead to privilege escalation. In this way, admin can steal webmaster's cookies to get the webmaster's access.
Vulnerability category: Cross site scripting (XSS)Gain privilege
Exploit prediction scoring system (EPSS) score for CVE-2022-24620
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 23 %
Percentile, the proportion of vulnerabilities that are scored at or less