PRIOn knowledge basePRION:CVE-2007-6205Cross site scripting
5.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
75.5%
Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed.
References
blog.s9y.org/archives/187-Serendipity-1.2.1-released.html
osvdb.org/39143
secunia.com/advisories/28012
secunia.com/advisories/29502
securityreason.com/securityalert/3437
www.debian.org/security/2008/dsa-1528
www.int21.de/cve/CVE-2007-6205-s9y.html
www.securityfocus.com/archive/1/484800/100/0/threaded
www.securityfocus.com/bid/26783
www.vupen.com/english/advisories/2007/4171
exchange.xforce.ibmcloud.com/vulnerabilities/38947
Related
5.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
75.5%