CVE-2017-17774
HIGHPiwigo 2.9.2 - Cross-Site Request Forgery in admin/configuration.php
Title source: llmDescription
admin/configuration.php in Piwigo 2.9.2 has CSRF.
References (2)
Core 2
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/d4wner/Vulnerabilities-Report/blob/master/piwigo.md
Issue Tracking, Patch x_refsource_misc
https://github.com/Piwigo/Piwigo/issues/822
Scores
CVSS v3
8.8
EPSS
0.0058
EPSS Percentile
43.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-352
Status
published
Products (1)
piwigo/piwigo
2.9.2
Published
Dec 20, 2017
Tracked Since
Feb 18, 2026