Posted by Onur Yilmaz on Jan 08

Information
——————–
Advisory by Netsparker
Name: XSS Vulnerability in Serendipity
Affected Software : Serendipity
Affected Versions: v2.0.2 and possibly below
Vendor Homepage : http://www.s9y.org
Vulnerability Type : Cross-site Scripting
Severity : Important
Status : Fixed
CVE-ID : CVE-2015-8603
Netsparker Advisory Reference : NS-15-024

Description
——————–
By exploiting a Cross-site scripting vulnerability the attacker…