Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.setInfo function. - Kubernetes WAF | K8 Web Application Firewall