Cross-site scripting (XSS) vulnerability in the Freetag prior to 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to plugin/tag/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
s9y serendipity_event_freetag |