CVE 2008-2720
Cross-site scripting (XSS) vulnerability in Menalto Gallery before 2.2.5 allows remote attackers to inject arbitrary web script or HTML via the (1) host and (2) path components of a URL.
Related bugs and status
CVE-2008-2720 (Candidate) is related to these bugs:
Bug #202422: CVE-2008-1066 smarty allows attackers to call arbitrary PHP functions via templates
Bug #242671: CVE-2008-272[0-4]: Lots of varied vulnerabilities
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 242671 | CVE-2008-272[0-4]: Lots of varied vulnerabilities | gallery2 (Ubuntu) | Undecided | Fix Released | ||
| 242671 | CVE-2008-272[0-4]: Lots of varied vulnerabilities | gallery2 (Ubuntu Hardy) | High | Fix Released | ||
| 242671 | CVE-2008-272[0-4]: Lots of varied vulnerabilities | gallery2 (Ubuntu Intrepid) | Undecided | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
