Cross-site scripting (XSS) vulnerability in the Top Referrers (aka referrer) plugin in Serendipity (S9Y) prior to 1.3.1 allows remote malicious users to inject arbitrary web script or HTML via the Referer HTTP header.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
s9y serendipity 0.7 |
||
s9y serendipity 0.7.1 |
||
s9y serendipity 1.0 |
||
s9y serendipity 1.0.1 |
||
s9y serendipity 1.1.3 |
||
s9y serendipity 1.1.4 |
||
s9y serendipity 0.8 |
||
s9y serendipity 0.8.1 |
||
s9y serendipity 0.8.2 |
||
s9y serendipity 1.0.2 |
||
s9y serendipity 1.0.3 |
||
s9y serendipity 1.2 |
||
s9y serendipity 1.2.1 |
||
s9y serendipity 0.5_pl1 |
||
s9y serendipity 0.6_pl3 |
||
s9y serendipity 0.9 |
||
s9y serendipity 0.9.1 |
||
s9y serendipity 1.1.1 |
||
s9y serendipity 1.1.2 |
||
s9y serendipity 0.3 |
||
s9y serendipity 0.4 |
||
s9y serendipity 0.8.3 |
||
s9y serendipity 0.8.4 |
||
s9y serendipity 1.0.4 |
||
s9y serendipity 1.1 |
||
s9y serendipity 0.8.5 |
||
s9y serendipity |
Vulmon