Description
Cross-site scripting (XSS) vulnerability in serendipity_admin_image_selector.php in Serendipity 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the serendipity[htmltarget] parameter.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2022-21340 Vulnerability (CVE-2022-21340)
PHP Other Vulnerability (CVE-2004-0958)
Sqlite NULL Pointer Dereference Vulnerability (CVE-2020-35525)
WordPress 3.9.x Arbitrary File Deletion Vulnerability (3.9 - 3.9.24)
WordPress Plugin iThemes Security (formerly Better WP Security) Cross-Site Scripting (5.6.1)