WEB APPLICATION VULNERABILITIES Standard & Premium

Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4090)

Description

Serendipity before 1.6 has an XSS issue in the karma plugin which may allow privilege escalation.

Remediation

References

Related Vulnerabilities

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29046)

Podcast Generator Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20121)

Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-24400)

WordPress Plugin No Follow All External Links Spam Injection (2.3.0)

Moodle Improper Privilege Management Vulnerability (CVE-2023-5549)

Severity

Medium

Classification

CVE-2011-4090 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities