Description

Cross-site scripting (XSS) vulnerability in the Top Referrers (aka referrer) plugin in Serendipity (S9Y) before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.

Remediation

References

CVE-2008-1385

Related Vulnerabilities

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1251)

SharePoint CVE-2023-36890 Vulnerability (CVE-2023-36890)

osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43733)

OpenSSL Other Vulnerability (CVE-2003-0147)

WordPress Plugin Real-Time Find and Replace Cross-Site Scripting (3.8)

Severity

Medium

Classification

CVE-2008-1385 CWE-707

Tags

Missing Update Known Vulnerabilities