Cross-site scripting (XSS) vulnerability in compat.php in Serendipity prior to 0.7.1 allows remote malicious users to inject arbitrary web script or HTML via the searchTerm variable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
s9y serendipity 0.6_pl2 |
||
s9y serendipity 0.6_pl3 |
||
s9y serendipity 0.7_beta4 |
||
s9y serendipity 0.7_rc1 |
||
s9y serendipity 0.5 |
||
s9y serendipity 0.5_pl1 |
||
s9y serendipity 0.7 |
||
s9y serendipity 0.7_beta1 |
||
s9y serendipity 0.3 |
||
s9y serendipity 0.4 |
||
s9y serendipity 0.6_rc1 |
||
s9y serendipity 0.6_rc2 |
||
s9y serendipity 0.6 |
||
s9y serendipity 0.6_pl1 |
||
s9y serendipity 0.7_beta2 |
||
s9y serendipity 0.7_beta3 |