|
Gallery Script Injection Vulnerability
Gallery is prone to a script-injection vulnerability because it fails to properly sanitize user-supplied input. A malicious user may cause arbitrary script code to execute in the browser context of an unsuspecting victim. This may let the attacker steal cookie-based authentication credentials in the context of the victim's browser; further attacks are also possible. |
|
|
Privacy Statement |