Main Vulnerability Database Exploits ID:3561 - Exploit for Cross-site scripting in Serendipity - CVE-2011-4090

ID:3561 - Exploit for Cross-site scripting in Serendipity - CVE-2011-4090

Published: July 20, 2020

Vulnerability identifier: #VU30578

Vulnerability risk: Low

CVE-ID: CVE-2011-4090

CWE-ID: CWE-79

Exploitation vector: Remote access

Vulnerable software:
Serendipity

Link to public exploit:

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Serendipity before 1.6 has an XSS issue in the karma plugin which may allow privilege escalation.

Install update from vendor's website.