Home > Cross Site Scripting, Image Galleries > Coppermine Photo Gallery CSRF

Coppermine Photo Gallery CSRF

March 27th, 2009

Application: Coppermine
Affected Version: version 1.4.20 and 1.4.21 and other versions.
Vendor’s URL: Coppermine Photo Gallery
Bug Type: Cross Site Scripting
Risk Level: Medium

Solution:
Update to version 1.4.21, which protects from exploitation via bbcode tags. Do not visit untrusted web sites while logged on to the application.

Cross Site Scripting, Image Galleries

Comments are closed.