Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors.
[
{
"product": "Zenphoto",
"vendor": "Zenphoto",
"versions": [
{
"status": "affected",
"version": "versions prior to 1.5.7"
}
]
}
]