CVE-2014-9432
Serendipity (PHP weblog) is affected by multiple XSS vulnerabilities in templates/2k11/admin/overview.inc.tpl, exploitable via a blog comment in the QUERY_STRING to serendipity/index.php. Affected version: before 2.0-rc2; fix released in 2.0-rc2. The vulnerability allows remote attackers to injec...