Hanno's projects: Reflected xss in Serendipity's /index.php

Summary: There exists a reflected xss threat in https://blog.fuzzing-project.org/index.php?frontpage. Description: By setting the serendipity%5bmultiCat%5d%5b%5d POST input to 1'"&%prompt1 I'm able to trigger a JavaScript prompt box in versions of IE up to and including IE 11. Steps To Reproduce:...