LibrePhotos before version 2024w47 has a stored XSS (Cross-site Scripting) allows attackers to takeover any account via uploading an HTML file on behalf of the admin user using IDOR in file upload.
References:
-
Notifications
You must be signed in to change notification settings - Fork 0
ii5mai1/CVE-2024-53617
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
No description, website, or topics provided.
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published