Vulnonym.org

CVE-2008-1385 - Moanful Measure

Description

Cross-site scripting (XSS) vulnerability in the Top Referrers (aka referrer) plugin in Serendipity (S9Y) before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0590.html http://int21.de/cve/CVE-2008-1385-s9y.html http://blog.s9y.org/archives/193-Serendipity-1.3.1-released.html http://www.securityfocus.com/bid/28885 http://www.securitytracker.com/id?1019915 http://secunia.com/advisories/29942 http://www.vupen.com/english/advisories/2008/1348/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41965 http://www.securityfocus.com/archive/1/491176/100/0/threaded