S9Y Serendipity 2.0.4 Cross Site Scripting

======================================== Title: Serendipity-2.0.4 latest version - Stored Cross Site Scripting Application: Serendipity Class: Sensitive Information disclosure Versions Affected: alert'Meryem ExploitDB' HTTP Request POST /serendipity/serendipityadmin.php? HTTP/1.1 Host: sitename...

S9Y Serendipity Freetag-plugin 3.23 - 'serendipity[tagview]' Cross-Site Scripting

source: https://www.securityfocus.com/bid/49771/info Serendipity Freetag-plugin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...