Description

Cross-site scripting (XSS) vulnerability in the Top Referrers (aka referrer) plugin in Serendipity (S9Y) before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.

Remediation

References

CVE-2008-1385

Related Vulnerabilities

WordPress Plugin Thrive Optimize Security Bypass (1.4.13.2)

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-8155)

WordPress Plugin WordPress Download Manager Arbitrary File Upload (2.8.97)

PHP Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2007-0455)

Roundcube Multiple Cross-site Request Forgery (CSRF) Vulnerabilities (CVE-2014-9587)

Severity

Medium

Classification

CVE-2008-1385 CWE-707

Tags

Missing Update Known Vulnerabilities