S9Y » Serendipity : Security Vulnerabilities, CVEs, Published In 2004 (XSS) CVSS score >= 1
Cross-site scripting (XSS) vulnerability in compat.php in Serendipity before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the searchTerm variable.
Max CVSS
4.3
EPSS Score
0.41%
Published
2004-12-31
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7-beta3, allows remote attackers to inject arbitrary HTML and PHP code via the (1) email or (2) username field.
Max CVSS
4.3
EPSS Score
0.68%
Published
2004-12-31
Updated
2017-07-11
2 vulnerabilities found