Description

Cross-site scripting (XSS) vulnerability in Serendipity before 1.5.4, when "Remember me" logins are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2010-2957

Related Vulnerabilities

WordPress Plugin Vuukle Comments, Reactions, Share Bar, Revenue Unspecified Vulnerability (4.0.2)

WordPress Plugin Image Export Arbitrary File Download (1.1.0)

Coppermine Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-1613)

WordPress Plugin Advanced User Registration and Management Cross-Site Scripting (2.3.5)

WordPress Plugin All-in-One WP Migration Information Disclosure (7.0)

Severity

Low

Classification

CVE-2010-2957 CWE-707

Tags

Missing Update Known Vulnerabilities