Albino

**Name of the Vulnerable Software and Affected Versions** Gallery 3 versions prior to 3.0.4 **Description** The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, which can lead to cross-site scripting (XSS) attacks. **Recommendations** For Gallery 3 versions prior to 3.0.4, update to version 3.0.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Gallery 3 versions prior to 3.0.4 **Description** The issue allows attackers to execute arbitrary PHP code via unknown vectors. **Recommendations** For versions prior to 3.0.4, update to version 3.0.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Gallery 2 versions prior to 2.3.2 Gallery 3 versions prior to 3.0.3 **Description** The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the administration subsystem. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For Gallery 2 versions prior to 2.3.2, update to version 2.3.2 or later. For Gallery 3 versions prior to 3.0.3, update to version 3.0.3 or later.