Piwigo · Piwigo · CVE-2022-24620
**Name of the Vulnerable Software and Affected Versions**
Piwigo version 12.2.0
**Description**
Piwigo 12.2.0 is affected by a stored cross-site scripting (XSS) vulnerability that can lead to privilege escalation: an admin can steal a webmaster's cookies and thereby gain the webmaster's access.
**Recommendations**
At the moment, there is no information about a newer Piwigo version that fixes this vulnerability in version 12.2.0.