Serendipity cross-site scripting vulnerability (CNVD-2016-00303)
Serendipity is a PHP-based blogging system. Serendipity serendipityadmin.php script fails to adequately filter the 'serendipityentryid' parameter in the 'edit' admin operation. This allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to...