Cross-site scripting (XSS) vulnerability in spell-check-savedicts.php in the htmlarea SpellChecker module, as used in Serendipity prior to 1.7.3 and possibly other products, allows remote malicious users to inject arbitrary web script or HTML via the to_r_list parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
s9y serendipity 1.7 |
||
s9y serendipity |
||
s9y serendipity 1.2.1 |
||
s9y serendipity 1.2 |
||
s9y serendipity 1.1.4 |
||
s9y serendipity 1.1.3 |
||
s9y serendipity 0.8.2 |
||
s9y serendipity 0.8.1 |
||
s9y serendipity 0.8 |
||
s9y serendipity 0.7.1 |
||
s9y serendipity 1.5.4 |
||
s9y serendipity 1.5.3 |
||
s9y serendipity 1.5.2 |
||
s9y serendipity 1.5.1 |
||
s9y serendipity 1.0.2 |
||
s9y serendipity 1.0.1 |
||
s9y serendipity 1.0 |
||
s9y serendipity 0.9.1 |
||
s9y serendipity 1.6.1 |
||
s9y serendipity 1.5.5 |
||
s9y serendipity 1.4.1 |
||
s9y serendipity 1.3.1 |
||
s9y serendipity 1.1.1 |
||
s9y serendipity 1.0.4 |
||
s9y serendipity 0.8.5 |
||
s9y serendipity 0.8.3 |
||
s9y serendipity 0.7 |
||
s9y serendipity 0.3 |
||
s9y serendipity 1.6.2 |
||
s9y serendipity 1.6 |
||
s9y serendipity 1.4 |
||
s9y serendipity 1.3 |
||
s9y serendipity 1.1.2 |
||
s9y serendipity 1.1 |
||
s9y serendipity 1.0.3 |
||
s9y serendipity 0.9 |
||
s9y serendipity 0.8.4 |
||
s9y serendipity 0.4 |