>> Serendipity Data Handling Client-Side Cross Site Scripting Vulnerabilities
Title : Serendipity Data Handling Client-Side Cross Site Scripting Vulnerabilities VUPEN ID : VUPEN/ADV-2008-0700 CVE ID : CVE-2008-0124
Rated as : Low Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2008-02-28
Technical Description
Multiple vulnerabilities have been identified in Serendipity, which could be exploited by attackers to execute arbitrary scripting code. These issues are caused by input validation errors when processing user-supplied data, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected Web site.
