Multiple cross-site scripting (XSS) vulnerabilities in the administration subsystem in Gallery 2 before 2.3.2 and 3 before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.3%