6.1 Medium
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.1%
Cross-site scripting (XSS) vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7-beta3, allows remote attackers to inject arbitrary HTML and PHP code via the (1) email or (2) username field.
lists.grok.org.uk/pipermail/full-disclosure/2004-September/026955.html
secunia.com/advisories/12673/
securitytracker.com/id?1011448
www.securityfocus.com/bid/11269
exchange.xforce.ibmcloud.com/vulnerabilities/17536