Cross-site scripting (XSS) vulnerability in Ansel 2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via the album name.Referenceshttp://www.securityfocus.com/bid/11824http://securitytracker.com/id?1012434http://www.osvdb.org/12237http://secunia.com/secunia_research/2004-17/advisory/https://exchange.xforce.ibmcloud.com/vulnerabilities/18374http://secunia.com/advisories/12856
