Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery before 1.5.27 and 1.6.x before 1.6.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CPE | Name | Operator | Version |
---|---|---|---|
coppermine_photo_gallery | ge | 1.6.0 | |
coppermine_photo_gallery | lt | 1.6.01 | |
coppermine_photo_gallery | lt | 1.5.28 |
forum.coppermine-gallery.net/index.php/topic%2C77376.0.html
seclists.org/oss-sec/2014/q2/608
seclists.org/oss-sec/2014/q2/620
sourceforge.net/p/coppermine/code/8674
www.securityfocus.com/bid/68140
sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.5.x/CHANGELOG.txt
sourceforge.net/p/coppermine/code/8674/tree//trunk/cpg1.6.x/CHANGELOG.txt