Gallery Prior to 2.2.6 Multiple Vulnerabilities

info
discussion
exploit
solution
references

Gallery Prior to 2.2.6 Multiple Vulnerabilities

Attackers can exploit the information-disclosure issue through a browser. To exploit the cross-site scripting issue, the attacker must entice unsuspecting users to follow a malicious URI. The attacker can exploit the cookie-disclosure weakness by using readily available network sniffers.