Description

Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager.

Remediation

References

CVE-2011-1134

Related Vulnerabilities

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2021-21347)

Serendipity Other Vulnerability (CVE-2005-1448)

Next.js User Interface (UI) Misrepresentation of Critical Information Vulnerability (CVE-2022-23646)

WordPress Plugin Migration, Backup, Staging-WPvivid Directory Traversal (0.9.75)

WordPress Plugin WP VR-360 Panorama and Virtual Tour Builder For WordPress Cross-Site Request Forgery (8.2.7)

Severity

Critical

Classification

CVE-2011-1134 CWE-434 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities