Description
Cross-site scripting (XSS) vulnerability in js/2k11.min.js in the 2k11 theme in Serendipity before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via a user name in a comment, which is not properly handled in a Reply link.
Remediation
References
Related Vulnerabilities
WordPress Plugin We�re Open! Cross-Site Scripting (1.41)
WordPress 4.2.x Same Origin Method Execution (SOME) Vulnerability (4.2 - 4.2.7)
WordPress Plugin Super Forms-Drag & Drop Form Builder Arbitrary File Upload (4.9.700)
Moodle Configuration Vulnerability (CVE-2011-4585)
Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2023-31122)