Gallery 2.2.4 and Prior Versions Multiple Vulnerabilities

Gallery is prone to multiple vulnerabilities, including a cross-site scripting vulnerability and multiple information-disclosure and security-bypass vulnerabilities.

An attacker could exploit the cross-site scripting vulnerability to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. The attacker could exploit the other vulnerabilities to access restricted resources or escalate privileges.

These issues affect Gallery 2.2.4 and prior versions.


Privacy Statement
Copyright 2010, SecurityFocus