Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 26790 - dev-php/gallery
Summary: dev-php/gallery
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: Highest critical (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-08-17 02:52 UTC by Daniel Ahlberg (RETIRED)
Modified: 2003-09-02 04:01 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Ahlberg (RETIRED) gentoo-dev 2003-08-17 02:52:05 UTC
-------------------------------------------------------------------------- 
Debian Security Advisory DSA 355-1                     security@debian.org 
http://www.debian.org/security/                             Matt Zimmerman 
July 30th, 2003                         http://www.debian.org/security/faq 
-------------------------------------------------------------------------- 
 
Package        : gallery 
Vulnerability  : cross-site scripting 
Problem-Type   : remote 
Debian-specific: no 
CVE Ids        : CAN-2003-0614 
 
Larry Nguyen discovered a cross site scripting vulnerability in gallery, 
a web-based photo album written in php.  This security flaw can allow a 
malicious user to craft a URL that executes Javascript code on your 
website.
Comment 1 Daniel Ahlberg (RETIRED) gentoo-dev 2003-09-02 04:01:01 UTC
glsa sent