Description
Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed.
Remediation
References
Related Vulnerabilities
Joomla! Core 3.x.x Cross-Site Request Forgery (3.2.0 - 3.9.12)
WordPress Plugin WP Rss Poster SQL Injection (1.0.0)
WordPress Plugin YITH WooCommerce Ajax Search Security Bypass (1.6.9)
PHP Out-of-bounds Read Vulnerability (CVE-2022-31630)
WordPress Plugin FormCraft-Contact Form Builder Cross-Site Request Forgery (1.2.1)