Description

Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager.

Remediation

References

CVE-2011-1134

Related Vulnerabilities

GlassFish Improper Input Validation Vulnerability (CVE-2011-5035)

WordPress Plugin WP Canvas-Shortcodes Cross-Site Scripting (2.06)

TYPO3 Improper Input Validation Vulnerability (CVE-2010-3716)

WordPress Plugin Esponce QR Code Generator Cross-Site Scripting (1.4)

WordPress Plugin Author Periodic Report Cross-Site Scripting (1.0)

Severity

Critical

Classification

CVE-2011-1134 CWE-434 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities