Description
Cross-site scripting (XSS) vulnerability in serendipity_admin_image_selector.php in Serendipity 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the serendipity[htmltarget] parameter.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-2460 Vulnerability (CVE-2013-2460)
ProjectSend Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-53980)
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000481)
WordPress Plugin Post Grid Gutenberg Blocks and WordPress Blog-PostX Security Bypass (4.1.2)