Gallery Versions Prior to 2.2.4 Multiple Remote Vulnerabilities and Unspecified Weakness Gallery is prone to multiple remote issues, including: - An arbitrary-file-upload vulnerability - A local file-include vulnerability - Multiple cross-site scripting vulnerabilities - Multiple information-disclosure vulnerabilities - A security vulnerability that allows attackers to perform phishing attacks - Multiple unspecified vulnerabilities - An unspecified weakness An attacker can exploit these issues to compromise the affected application, execute arbitrary code within the context of the webserver process, steal cookie-based authentication credentials, obtain sensitive information, and gain unauthorized access to the application. Other attacks are also possible. These issues affect versions prior to Gallery 2.2.4. Reproducible: Always Steps to Reproduce: 1. emerge gallery 2. gallery 2.2.3 is emerged Actual Results: gallery 2.2.3 is emerged Expected Results: gallery 2.2.4 is emerged
*** This bug has been marked as a duplicate of bug 203217 ***