CVE-2019-11870

2019-05-09T23:29:00
ID CVE-2019-11870
Type cve
Reporter cve@mitre.org
Modified 2019-05-10T13:23:00

Description

Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/media_choose.tpl Editor Preview feature or the templates/2k11/admin/media_items.tpl Media Library feature.