CVE-2013-3261

Name of the Vulnerable Software and Affected Versions GRAND FlAGallery plugin versions prior to 2.72

Description The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the s parameter in a "flag-manage-gallery" action.

Recommendations For versions prior to 2.72, update to version 2.72 or later to resolve the issue.