Gallery Multiple Remote Vulnerabilities...

Published: 2005-01-17
Revised: 2025-04-13

Gallery is reported prone to multiple remote vulnerabilities. The following issues are reported:

It is reported that multiple cross-site scripting issues exist in Gallery. These vulnerabilities exist because user-supplied input is not sufficiently sanitized before this input is included in dynamically rendered HTML pages that are returned to a user. These issues could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected Web site and may allow for theft of cookie-based authentication credentials or other attacks.

An information disclosure vulnerability is reported to affect Gallery version 2.0 Alpha. It is reported that under some circumstances Gallery may return an error message that contains the installation path of the vulnerable Gallery installation. A remote attacker may...

No exploit or PoC is currently available.
There are currently 0 affected product entries.