CVE-2012-1613: Cross-site scripting (XSS) vulnerability in edit_one_pic.php in Coppermine Photo Gallery before 1.5.20 allows remote authenticated users with certain ...

Description

Cross-site scripting (XSS) vulnerability in edit_one_pic.php in Coppermine Photo Gallery before 1.5.20 allows remote authenticated users with certain privileges to inject arbitrary web script or HTML via the keywords parameter.

Metrics

EPSS Probability

2.19%

80.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-79

Affected Software

Vendor	Product	Versions	Update
Coppermine-Gallery	Coppermine Photo Gallery	<= 1.5.18	—
Coppermine-Gallery	Coppermine Photo Gallery	1.0	—
Coppermine-Gallery	Coppermine Photo Gallery	1.1	—
Coppermine-Gallery	Coppermine Photo Gallery	1.1.0	—
Coppermine-Gallery	Coppermine Photo Gallery	1.2	—
Coppermine-Gallery	Coppermine Photo Gallery	1.2.0	—
Coppermine-Gallery	Coppermine Photo Gallery	1.2.1	—
Coppermine-Gallery	Coppermine Photo Gallery	1.3.0	—
Coppermine-Gallery	Coppermine Photo Gallery	1.3.1	—
Coppermine-Gallery	Coppermine Photo Gallery	1.3.2	—
Coppermine-Gallery	Coppermine Photo Gallery	1.3.3	—
Coppermine-Gallery	Coppermine Photo Gallery	1.3.4	—
Coppermine-Gallery	Coppermine Photo Gallery	1.3.5	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.0	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.1	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.2	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.3	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.4	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.5	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.6	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.7	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.8	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.9	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.10	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.11	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.12	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.13	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.14	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.15	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.16	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.17	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.18	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.19	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.20	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.21	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.22	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.23	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.24	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.25	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.26	—
Coppermine-Gallery	Coppermine Photo Gallery	1.4.27	—
Coppermine-Gallery	Coppermine Photo Gallery	1.5.1	Alpha
Coppermine-Gallery	Coppermine Photo Gallery	1.5.2	Beta
Coppermine-Gallery	Coppermine Photo Gallery	1.5.3	Rc
Coppermine-Gallery	Coppermine Photo Gallery	1.5.4	—
Coppermine-Gallery	Coppermine Photo Gallery	1.5.6	—
Coppermine-Gallery	Coppermine Photo Gallery	1.5.8	—
Coppermine-Gallery	Coppermine Photo Gallery	1.5.10	—
Coppermine-Gallery	Coppermine Photo Gallery	1.5.12	—
Coppermine-Gallery	Coppermine Photo Gallery	1.5.14	—

Showing 50 of 51 affected configurations. See NVD for the full list.

References

Timeline

Published: Sep 4, 2012
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2012-1613?

Cross-site scripting (XSS) vulnerability in edit_one_pic.php in Coppermine Photo Gallery before 1.5.20 allows remote authenticated users with certain privileges to inject arbitrary web script or HTML via the keywords parameter.

How severe is CVE-2012-1613?

Severity scoring for CVE-2012-1613 is pending analysis. The EPSS model estimates a 2.19% probability of exploitation in the next 30 days.

How do I fix CVE-2012-1613?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.