Description

Cross-site scripting (XSS) vulnerability in compat.php in Serendipity before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the searchTerm variable.

Remediation

References

CVE-2004-2525

Related Vulnerabilities

WordPress Plugin NOSpamPTI SQL Injection (2.1)

MySQL CVE-2019-2789 Vulnerability (CVE-2019-2789)

Microsoft SQL Server CVE-2023-38169 Vulnerability (CVE-2023-38169)

WordPress 2.5 Cross-Site Scripting Vulnerability (2.5)

WordPress Plugin GS Filterable Portfolio Cross-Site Scripting (1.6.0)

Severity

Medium

Classification

CVE-2004-2525

Tags

Missing Update Known Vulnerabilities