Description
Cross-site scripting (XSS) vulnerability in the Top Referrers (aka referrer) plugin in Serendipity (S9Y) before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.
Remediation
References
Related Vulnerabilities
OpenSSL Resource Management Errors Vulnerability (CVE-2012-0050)
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-38268)
Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-8235)
Drupal Core 8.9.x Multiple Security Bypass Vulnerabilities (8.9.0 - 8.9.18)
WordPress Plugin Export User Data Cross-Site Scripting (1.3.1)