Description
Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) templatedropdown and (2) shoutbox plugins.
Remediation
References
Related Vulnerabilities
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-29450)
Jboss EAP Improper Validation of Integrity Check Value Vulnerability (CVE-2023-48795)
WordPress Plugin Zingiri Web Shop 'ajax_save_name.php' Remote Code Execution (2.2.3)
WordPress Plugin 4k Icons for Visual Composer-Free Cross-Site Scripting (1.0)
Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19745)