Piwigo · Piwigo · CVE-2021-27973
Name of the Vulnerable Software and Affected Versions:
Piwigo versions prior to 11.4.0
Description:
A SQL injection issue exists via the `language` parameter to the "admin.php?page=languages" API endpoint.
Recommendations:
For versions prior to 11.4.0, update to version 11.4.0 or later to resolve the issue.