5 lines
No EOL
511 B
Text
5 lines
No EOL
511 B
Text
source: http://www.securityfocus.com/bid/8288/info
|
|
|
|
Gallery is prone to a cross-site scripting vulnerability. This issue is present in the search engine facility provided by the software. An attacker could exploit this issue by constructing a malicious link to the search engine that contains hostile HTML and script code. Attacker-supplied code could be rendered in the browser of a user who follows such a link.
|
|
|
|
http://www.example.com/<galleryfolder>/search.php?searchstring=<script>alert('XSS')</script> |