Cross-site scripting (XSS) vulnerability in index.php for GOOP Gallery 2.0, and possibly other versions before 2.0.3, allows remote attackers to inject arbitrary HTML or web script via the image parameter.Referenceshttp://lostmon.blogspot.com/2006/10/goop-gallery-image-param-cross-site.htmlhttp://webgeneius.com/index.php?mod=blog&id=49http://www.securityfocus.com/bid/20554https://exchange.xforce.ibmcloud.com/vulnerabilities/29643http://securitytracker.com/id?1017081
