Description
Cross-site scripting (XSS) vulnerability in js/2k11.min.js in the 2k11 theme in Serendipity before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via a user name in a comment, which is not properly handled in a Reply link.
Remediation
References
Related Vulnerabilities
Envoy Proxy Out-of-bounds Write Vulnerability (CVE-2019-18801)
WordPress Plugin Acunetix Secure WordPress Cross-Site Scripting (3.0.3)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1829)
WebLogic CVE-2016-0638 Vulnerability (CVE-2016-0638)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5480)