S9Y · Serendipity · CVE-2008-1476
**Name of the Vulnerable Software and Affected Versions**
Serendipity (S9Y) versions prior to 1.3
**Description**
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to received trackbacks.
**Recommendations**
For versions prior to 1.3, update to version 1.3 or later to resolve the issue.