Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter.
References 5 Total
- securityfocus.com: 20030727 Gallery XSS security advisory (with fix and patch instructions) mailing-list
- debian.org: DSA-355 vendor-advisory
- marc.info: 20030902 GLSA: gallery (200309-06) mailing-list
- securityfocus.com: 20040101 Re: Gallery v1.3.3 Cross Site Scripting Vulnerabillity mailing-list
- http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=82&mode=thread&order=0&thold=0
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- securityfocus.com: 20030727 Gallery XSS security advisory (with fix and patch instructions) mailing-listx_transferred
- debian.org: DSA-355 vendor-advisoryx_transferred
- marc.info: 20030902 GLSA: gallery (200309-06) mailing-listx_transferred
- securityfocus.com: 20040101 Re: Gallery v1.3.3 Cross Site Scripting Vulnerabillity mailing-listx_transferred
- http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=82&mode=thread&order=0&thold=0 x_transferred