CVE-2013-2240

Published October 10th, 2013

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

lib/flowplayer.swf.php in Gallery 3 before 3.0.9 does not properly remove query fragments, which allows remote attackers to have an unspecified impact via a replay attack, a different vulnerability than CVE-2013-2138.

gallery/gallery3

The simplest, most intuitive way to host your photos on your website.

GitHub

417