lib/flowplayer.swf.php in Gallery 3 before 3.0.9 does not properly remove query fragments, which allows remote attackers to have an unspecified impact via a replay attack, a different vulnerability than CVE-2013-2138.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gallery | Menalto | 3.0 | 3.0 |
Gallery | Menalto | 3.0.1 | 3.0.1 |
Gallery | Menalto | 3.0.2 | 3.0.2 |
Gallery | Menalto | 3.0.3 | 3.0.3 |
Gallery | Menalto | 3.0.4 | 3.0.4 |
Gallery | Menalto | 3.0.5 | 3.0.5 |
Gallery | Menalto | 3.0.6 | 3.0.6 |
Gallery | Menalto | 3.0.7 | 3.0.7 |
Gallery | Menalto | 3.0.8 | 3.0.8 |