Boogyman2O

**Name of the Vulnerable Software and Affected Versions** Piwigo versions prior to 2.8.6 **Description** The issue is related to a cross-site scripting (XSS) vulnerability in the image upload function. This allows remote attackers to inject arbitrary web script or HTML via a crafted image filename. **Recommendations** For versions prior to 2.8.6, update to version 2.8.6 or later to resolve the issue. As a temporary workaround, consider restricting image uploads to trusted users until the update is applied.