Description
Cross-site scripting (XSS) vulnerability in spell-check-savedicts.php in the htmlarea SpellChecker module, as used in Serendipity before 1.7.3 and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the to_r_list parameter.
Remediation
References
Related Vulnerabilities
Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3663)
GlassFish CVE-2011-0807 Vulnerability (CVE-2011-0807)
Moodle Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-1755)
WordPress Plugin WP-Lister Lite for eBay Directory Traversal (2.0.20)
ownCloud Improper Authentication Vulnerability (CVE-2014-9043)