Gallery Unspecified Remote Vulnerabilities
Medium Nessus Network Monitor Plugin ID 3304
SynopsisThe remote host is vulnerable to an HTML Injection attack.
DescriptionThe remote host is running the Gallery web-based photo album. This version of Gallery is vulnerable to an 'unspecified' flaw. While the exact details of the flaw are unknown, the vendor has released version 2.0.2 as a fix. In addition, this version of Gallery is supposedly vulnerable to an HTML injection flaw. An attacker exploiting this flaw would need to be able to convince a user to browse to a malicious URI. Successful exploitation could lead to the loss of potentially confidential data
SolutionUpgrade to version 2.0.2 or 1.5.2 or higher.