CVE-2019-11870
Serendipity before 2.1.5 is affected by a cross‑site scripting (XSS) vulnerability via EXIF data mishandled by the templates/2k11/admin/media_choose.tpl Editor Preview feature or the templates/2k11/admin/media_items.tpl Media Library feature. Affected products are Serendipity prior to 2.1.5; upst...