Zenphoto Zenphoto : Security vulnerabilities, CVEs xss, cross site scripting published in 2017

CVE-2015-5594

The sanitize_string function in ZenPhoto before 1.4.9 utilized the html_entity_decode function after input sanitation, which might allow remote attackers to perform a cross-site scripting (XSS) via a crafted string.

Max CVSS

6.1

EPSS Score

0.46%

Published

2017-07-25

Updated

2017-07-31

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Zenphoto » Zenphoto : Security Vulnerabilities, CVEs, Published In 2017 (XSS)

CVE-2015-5594