Description
Multiple cross-site scripting (XSS) vulnerabilities in Serendipity before 2.0.5 allow remote authenticated users to inject arbitrary web script or HTML via a category or directory name.
Remediation
References
Related Vulnerabilities
MySQL CVE-2013-2375 Vulnerability (CVE-2013-2375)
WordPress 5.1.x Cross-Site Request Forgery (5.1)
Jboss Deserialization of Untrusted Data Vulnerability (CVE-2017-7504)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4298)
WordPress 4.6.x Arbitrary File Deletion Vulnerability (4.6 - 4.6.11)