Description
Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed.
Remediation
References
Related Vulnerabilities
WordPress Use of Insufficiently Random Values Vulnerability (CVE-2017-17091)
WordPress Plugin Light Messages Cross-Site Request Forgery (1.0)
Mailman Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2021-42096)
WordPress Plugin WP Forum Server 'edit_post_id' Parameter SQL Injection (1.7)
Oracle Database Server CVE-2006-1875 Vulnerability (CVE-2006-1875)