Description

Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed.

Remediation

References

CVE-2007-6205

Related Vulnerabilities

Microsoft SQL Server CVE-2023-21704 Vulnerability (CVE-2023-21704)

Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33513)

WordPress Plugin Disqus Comment System Multiple Cross-Site Request Forgery Vulnerabilities (2.77)

WordPress 4.7.x Cross-Domain Flash Injection Vulnerability (4.7 - 4.7.8)

WordPress Plugin Database Backup for WordPress Cross-Site Scripting (2.3.3)

Severity

Medium

Classification

CVE-2007-6205 CWE-707

Tags

Missing Update Known Vulnerabilities