{"id":"CVE-2022-37183","details":"Piwigo 12.3.0 is vulnerable to Cross Site Scripting (XSS) via /search/1940/created-monthly-list.","modified":"2026-04-10T04:49:50.396549Z","published":"2022-08-31T18:15:08.657Z","references":[{"type":"EVIDENCE","url":"https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/Piwigo/2022/12.3.0"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/piwigo/piwigo","events":[{"introduced":"0"},{"last_affected":"67f32834162052a06a443b284d2c6c11241d9d0f"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"12.3.0"}]}}],"versions":["12.0.0","12.0.0RC1","12.0.0RC2","12.0.0beta1","12.0.0beta2","12.1.0","12.2.0","12.3.0","2.10.0RC1","2.10.0beta1","2.10.0beta2","2.11.0beta1","2.11.0beta2","2.11.0beta3","2.11.0beta4","2.8.0RC1","2.8.0RC2","2.9.0RC1","2.9.0RC2","2.9.0beta1","2.9.0beta2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-37183.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}