CVE-2005-1947

Name of the Vulnerable Software and Affected Versions Invision Gallery versions prior to 1.3.1

Description A cross-site request forgery issue allows remote attackers to perform actions such as deleting albums and images as another user. This can be achieved via a link or IMG tag to specific actions.

Recommendations For versions prior to 1.3.1, update to version 1.3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the albums and delimg actions to minimize the risk of exploitation.