CVE Vulnerabilities

CVE-2005-2734

Published: Aug 30, 2005 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.

Affected Software

Name Vendor Start Version End Version
Gallery Gallery_project 1.4 1.4
Gallery Gallery_project 1.4.1 1.4.1
Gallery Gallery_project 1.4.2 1.4.2
Gallery Gallery_project 1.4.3_pl1 1.4.3_pl1
Gallery Gallery_project 1.4.3_pl2 1.4.3_pl2
Gallery Gallery_project 1.4.4_pl2 1.4.4_pl2
Gallery Gallery_project 1.4.4_pl3 1.4.4_pl3
Gallery Gallery_project 1.4.4_pl4 1.4.4_pl4
Gallery Gallery_project 1.4.4_pl5 1.4.4_pl5
Gallery Gallery_project 1.4_pl1 1.4_pl1
Gallery Gallery_project 1.4_pl2 1.4_pl2
Gallery Gallery_project 1.5 1.5
Gallery Gallery_project 1.5.1 1.5.1
Gallery Gallery_project 1.5.1_rc2 1.5.1_rc2

References