Description
Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed.
Remediation
References
Related Vulnerabilities
WordPress Plugin WPML Translation Management PHP Object Injection (2.4.1)
WordPress Plugin Custom Banners Cross-Site Scripting (1.2.2.2)
Telerik Web UI Insufficiently Protected Credentials Vulnerability (CVE-2017-9248)
MySQL CVE-2018-3064 Vulnerability (CVE-2018-3064)
Ruby on Rails Deserialization of Untrusted Data Vulnerability (CVE-2020-8165)