<excerpt>Input passed to the 'css' parameter from '/docs/showdoc.php' of Coppermine's Photo Gallery is not sanitized before it is returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. </excerpt>

-</p>

Make your website safer. Use external penetration testing (http://www.beyondsecurity.com/penetration-testing.html) service. First report ready in one hour!</p>

**Hidden Content: Check the thread to see hidden data.**