Gallery · Gallery · CVE-2006-0330
**Name of the Vulnerable Software and Affected Versions**
Gallery versions prior to 1.5.2
**Description**
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML, possibly involving the `fullname` variable.
**Recommendations**
For versions prior to 1.5.2, update to version 1.5.2 or later to resolve the issue.