Vulnerabilities > CVE-2005-1713 - Unspecified vulnerability in S9Y Serendipity 0.8
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) templatedropdown and (2) shoutbox plugins.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | CGI abuses |
| NASL id | SERENDIPITY_081.NASL |
| description | According to its banner, the version of Serendipity installed on the remote host is affected by multiple vulnerabilities : - Unauthorized File Upload Vulnerability There is a vulnerability that may allow editors to upload arbitrary media files when they otherwise would not be allowed to do so. - Multiple Cross-Site Scripting Vulnerabilities The |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 18298 |
| published | 2005-05-18 |
| reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/18298 |
| title | Serendipity < 0.8.1 Multiple Vulnerabilities |