CVE-2005-0220

Name of the Vulnerable Software and Affected Versions Gallery version 1.4.4-pl2

Description A cross-site scripting issue exists, allowing remote attackers to inject arbitrary web script or HTML via the username field in the login.php file.

Recommendations For Gallery version 1.4.4-pl2, consider disabling the login functionality until a patch is available to prevent exploitation. Restrict access to the login.php file to minimize the risk of cross-site scripting attacks. Avoid using the username field in the login.php file until the issue is resolved.