Home CVE Database CVE-2008-0124

CVE-2008-0124

Description

Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before 1.3-beta1 allows remote authenticated users to inject arbitrary web script or HTML via (1) the Real name field in Personal Settings, which is presented to readers of articles; or (2) a file upload, as demonstrated by a .htm, .html, or .js file.

Priority: Medium
CVSS v3: 0.0
Publish Date: Feb 28, 2008
Related ID: --
CVSS v2: 4.3
Modified Date: Sep 5, 2008

Find out more about CVE-2008-0124 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Product Name Status Defect Fixed Downloads
Linux
Wind River Linux LTS 17 Not Vulnerable -- -- --
Wind River Linux 8 Not Vulnerable -- -- --
Wind River Linux 9 Not Vulnerable -- -- --
Wind River Linux 7 Not Vulnerable -- -- --
Wind River Linux LTS 18 Not Vulnerable -- -- --
Wind River Linux LTS 19 Not Vulnerable -- -- --
Wind River Linux CD release Not Vulnerable -- -- --
VxWorks
VxWorks 7 Not Vulnerable -- -- --
VxWorks 6.9 Not Vulnerable -- -- --

Related Products

Product Name Status Defect Fixed Downloads

Comments

WRLinux doesn't ship s9y serendipity.

Live chat
Online