First published: Mon Aug 29 2005(Updated: )
Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Gallery Project Gallery | =1.4.3_pl2 | |
Gallery Project Gallery | =1.4.4_pl2 | |
Gallery Project Gallery | =1.4_pl1 | |
Gallery Project Gallery | =1.4.2 | |
Gallery Project Gallery | =1.5.1 | |
Gallery Project Gallery | =1.5 | |
Gallery Project Gallery | =1.4.4_pl3 | |
Gallery Project Gallery | =1.4.1 | |
Gallery Project Gallery | =1.5.1_rc2 | |
Gallery Project Gallery | =1.4.3_pl1 | |
Gallery Project Gallery | =1.4.4_pl4 | |
Gallery Project Gallery | =1.4.4_pl5 | |
Gallery Project Gallery | =1.4_pl2 | |
Gallery Project Gallery | =1.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.