CVE-2008-7175
Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in NextGEN Gallery 0.96 and earlier plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the picture description field in a page edit action.
Date published : 2009-09-08
http://www.securityfocus.com/archive/1/493182/100/0/threaded