mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-30 00:40:29 +02:00
824 B
824 B
CVE-2014-9432
Description
Multiple cross-site scripting (XSS) vulnerabilities in templates/2k11/admin/overview.inc.tpl in Serendipity before 2.0-rc2 allow remote attackers to inject arbitrary web script or HTML via a blog comment in the QUERY_STRING to serendipity/index.php.
POC
Reference
- http://packetstormsecurity.com/files/129709/CMS-Serendipity-2.0-rc1-Cross-Site-Scripting.html
- http://seclists.org/fulldisclosure/2014/Dec/108
Github
No PoCs found on GitHub currently.