MOABI : Continuous Software Improvement

CVE-2015-9229
Description	In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, XSS is possible for remote authenticated administrators via the images[1][alttext] parameter.
Impact	CVSS v3 : 4.8 MEDIUM CVSS v2 : 3.5 LOW
Type	CWE-79
Attack Vector	CVSSv2 Vector : AV:N/AC:M/Au:S/C:N/I:P/A:N
Quick links	CVE, NVD, CERT, Metasploit, Exploit-db, Fulldisc, Bugtraq, Microsoft, Red Hat, Debian, GitHub code/issues, Google
References	https://cybersecurityworks.com/zerodays/cve-2015-9229-nextgen-gallery.html https://github.com/cybersecurityworks/Disclosed/issues/5