Serendipity CMS version 2.0 suffers from a cross site scripting vulnerability.