Summary
i-Gallery is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
An attacker could leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This could allow the attacker to steal cookie-based authentication credentials and launch other attacks.
i-Gallery 3.4 is vulnerable
other versions may also be affected.
References
Updated on 2017-03-28
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
- Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
- Apache Tomcat Multiple Vulnerabilities June-09
- Apache Tomcat RemoteFilterValve Security Bypass Vulnerability
- Advantech WebAccess Multiple Stack Based Buffer Overflow Vulnerabilities