Description

Cross-site scripting (XSS) vulnerability in the Top Referrers (aka referrer) plugin in Serendipity (S9Y) before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.

Remediation

References

CVE-2008-1385

Related Vulnerabilities

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4299)

WordPress Plugin Advanced Forms for ACF Pro Security Bypass (1.6.8)

Oracle Database Server CVE-2010-0866 Vulnerability (CVE-2010-0866)

WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder For WordPress Unspecified Vulnerability (1.5.3)

WordPress Plugin Modern Events Calendar Lite Arbitrary File Upload (7.11.0)

Severity

Medium

Classification

CVE-2008-1385 CWE-707

Tags

Missing Update Known Vulnerabilities