Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6205

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-6205
Last Modified 07 Mar 2011 10:02:09
Published 11 Dec 2007 03:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6205

Summary

Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed.

Vulnerable Systems

Application

  • S9y Serendipity 0.3

  • S9y Serendipity 0.4

  • S9y Serendipity 0.5

  • S9y Serendipity 0.5 Pl1

  • S9y Serendipity 0.6

  • S9y Serendipity 0.6 Pl1

  • S9y Serendipity 0.6 Pl2

  • S9y Serendipity 0.6 Pl3

  • S9y Serendipity 0.6 Rc1

  • S9y Serendipity 0.6 Rc2

  • S9y Serendipity 0.7

  • S9y Serendipity 0.7 Beta1

  • S9y Serendipity 0.7 Beta2

  • S9y Serendipity 0.7 Beta3

  • S9y Serendipity 0.7 Beta4

  • S9y Serendipity 0.7 Rc1

  • S9y Serendipity 0.7.1

  • S9y Serendipity 0.8

  • S9y Serendipity 0.8 Beta 5

  • S9y Serendipity 0.8 Beta 6

  • S9y Serendipity 0.8 Beta5

  • S9y Serendipity 0.8 Beta6

  • S9y Serendipity 0.8.1

  • S9y Serendipity 0.8.2

  • S9y Serendipity 0.8.3

  • S9y Serendipity 0.8.4

  • S9y Serendipity 0.8.5

  • S9y Serendipity 0.9

  • S9y Serendipity 0.9.1

  • S9y Serendipity 1.0 Beta1

  • S9y Serendipity 1.0 Beta2

  • S9y Serendipity 1.0 Beta3

  • S9y Serendipity 1.0.3

  • S9y Serendipity 1.0.4

  • S9y Serendipity 1.1.1

  • S9y Serendipity 1.1.3

  • S9y Serendipity 1.1.4


References

BID - 26783

VUPEN - ADV-2007-4171

BUGTRAQ - 20071210 CVE-2007-6205

MISC - http://www.int21.de/cve/CVE-2007-6205-s9y.html

SECUNIA - 28012

OSVDB - 39143

CONFIRM - http://blog.s9y.org/archives/187-Serendipity-1.2.1-released.html

XF - serendipity-rss-feeds-xss(38947)

DEBIAN - DSA-1528

SREASON - 3437

SECUNIA - 29502


Last Updated: 27 May 2016 10:46:24