Description

Cross-site scripting (XSS) vulnerability in compat.php in Serendipity before 0.7.1 allows remote attackers to inject arbitrary web script or HTML via the searchTerm variable.

Remediation

References

CVE-2004-2525

Related Vulnerabilities

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000484)

Apache Tomcat Integer Overflow or Wraparound Vulnerability (CVE-2025-52520)

OpenSSL Cryptographic Issues Vulnerability (CVE-2006-4339)

WordPress Plugin Magic Fields 2 Cross-Site Scripting (2.3.2.4)

OpenSSL Missing Encryption of Sensitive Data Vulnerability (CVE-2019-1563)

Severity

Medium

Classification

CVE-2004-2525

Tags

Missing Update Known Vulnerabilities