CVE-2004-2157

The CVE-2004-2157 entry describes a cross-site scripting (XSS) vulnerability in Serendipity 0.7 beta1 (and possibly earlier versions before 0.7-beta3) in the Comment.php component. The flaw allows remote attackers to inject arbitrary HTML and PHP code via the (1) email or (2) username field, impa...

CVE-2004-2157

Cross-site scripting XSS vulnerability in Comment.php in Serendipity 0.7 beta1, and possibly other versions before 0.7-beta3, allows remote attackers to inject arbitrary HTML and PHP code via the 1 email or 2 username field...