Summary
This host is running Serendipity and is prone to a security bypass vulnerability.
Impact
Successful exploitation will allow an attacker to bypass intended access restrictions and modify the configuration of arbitrary plugins.
Impact Level: Application
Solution
Upgrade to Serendipity version 1.5.3 or later.
For updates refer to http://www.s9y.org/12.html
Insight
The flaw is due to an input validation error in the 'Xinha WYSIWYG' editor, with the dynamic configuration feature enabled, when processing:
- crafted 'backend_config_secret_key_location' and 'backend_config_hash' parameters, which are used in a SHA1 hash of a shared secret that can be known or externally influenced and are not properly handled by the 'Deprecated config passing' feature.
- crafted 'backend_data' and 'backend_data[key_location]' variables, which are not properly handled by the 'xinha_read_passed_data()' function.
Affected
Serendipity version 1.5.2 and prior on all platforms.
Severity
CVSS Base Score: 7.5
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Classification
CVE: CVE-2010-1916