CVE-2022-27428
CVE-2022-27428 is a stored XSS in GalleryCMS v2.0, exploited via the album_name parameter in /index.php/album/add. The vulnerability arises from lack of input validation/escaping, allowing arbitrary web scripts when a crafted payload is submitted. Documents consistently describe the impact as cli...