Multiple cross-site scripting (XSS) vulnerabilities in Menalto Gallery prior to 2.2.4 allow remote malicious users to inject arbitrary web script or HTML via crafted filenames to the (1) Core or (2) add-item modules; or via (3) HTTP PROPPATCH in the WebDAV module.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
menalto gallery |