Cross-site scripting (XSS) vulnerability in Piwigo before 2.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.Referenceshttp://secunia.com/advisories/37336http://piwigo.org/releases/2.0.6http://www.vupen.com/english/advisories/2009/3221
