CVE-2025-23629

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Subhasis Laha Gallerio gallerio allows Reflected XSS.This issue affects Gallerio: from n/a through = 1.0.1...

PT-2024-35239 · Subhasis Laha · Gallerio

Name of the Vulnerable Software and Affected Versions: Subhasis Laha Gallerio versions n/a through 1.01 Description: The issue allows an unrestricted upload of a file with a dangerous type, enabling the upload of a web shell to a web server. This can lead to potential security risks...