| Name | CVE-2013-1468 |
| Description | Cross-site request forgery (CSRF) vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| piwigo | source | squeeze | (unfixed) | end-of-life | ||
| piwigo | source | (unstable) | (unfixed) |
[squeeze] - piwigo <end-of-life> (Unsupported in squeeze-lts)
Request to mark the package as unsupported in #779104
https://www.htbridge.com/advisory/HTB23144