Cross Site Scripting (XSS) vulnerability exists in Piwigo 12.x via the pwg_activity function in include/functions.inc.php.Referenceshttps://github.com/Piwigo/Piwigo/issues/1582
