Serendipity prior to 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/media_choose.tpl Editor Preview feature or the templates/2k11/admin/media_items.tpl Media Library feature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
s9y serendipity |