PT-2005-2686 · Serendipity · Serendipity

Published

2005-05-24

Updated

2008-09-05

CVE-2005-1713

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Serendipity version 0.8

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The affected components include the templatedropdown and shoutbox plugins.

Recommendations For Serendipity version 0.8, consider disabling the templatedropdown and shoutbox plugins until a patch is available to prevent exploitation of the XSS vulnerabilities.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1713

Affected Products

Serendipity

PT-2005-2686 · Serendipity · Serendipity

CVE-2005-1713

Related Identifiers

Affected Products

References · 6