Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package prior to 1.5.5, allows remote malicious users to execute arbitrary code in plugins/ExtendedFileManager/manager.php and plugins/ImageManager/manager.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
s9y serendipity |