NuytsTech Security

CVE-2010-2957

by ·

Cross-site scripting (XSS) vulnerability in Serendipity before 1.5.4, when "Remember me" logins are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Date published : 2010-09-10

http://blog.s9y.org/archives/223-Serendipity-1.5.4-released.html

http://www.htbridge.ch/advisory/xss_vulnerability_in_serendipity.html

Tags: