Description
Cross-site scripting (XSS) vulnerability in js/2k11.min.js in the 2k11 theme in Serendipity before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via a user name in a comment, which is not properly handled in a Reply link.
Remediation
References
Related Vulnerabilities
Dolibarr Improper Authentication Vulnerability (CVE-2020-7995)
WordPress Plugin Polldaddy Polls & Ratings Unspecified Vulnerability (2.0.25)
WordPress Other Vulnerability (CVE-2007-4153)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000192)
WordPress Plugin Contact Form 7 Database Addon-CFDB7 Unspecified Vulnerability (1.2.5.7)