Description

Cross-site scripting (XSS) vulnerability in the Top Referrers (aka referrer) plugin in Serendipity (S9Y) before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.

Remediation

References

CVE-2008-1385

Related Vulnerabilities

MySQL CVE-2021-35645 Vulnerability (CVE-2021-35645)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1570)

TYPO3 Improper Input Validation Vulnerability (CVE-2013-7079)

PostgreSQL Insufficient Verification of Data Authenticity Vulnerability (CVE-2024-10977)

Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-46144)

Severity

Medium

Classification

CVE-2008-1385 CWE-707

Tags

Missing Update Known Vulnerabilities