Security Advisory

CVE-2017-10679

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-06-29 21:00:00

Last updated 2024-08-05 17:41:55

Assigner mitre

State PUBLISHED

Description

Piwigo through 2.9.1 allows remote attackers to obtain sensitive information about the descriptive name of a permalink by examining the redirect URL that is returned in a request for the permalink ID number of a private album. The permalink ID numbers are easily guessed.

← Browse all CVEs View on cve.org ↗