Cross-Site Scripting Vulnerability in Freetag Plugin for S9Y Serendipity
CVE-2008-0751

Currently unrated

Key Information:

Vendor: S9y
Status: Serendipity Event Freetag
Vendor: CVE Published:; 13 February 2008

What is CVE-2008-0751?

The Freetag plugin for S9Y Serendipity is susceptible to a Cross-Site Scripting (XSS) vulnerability. This flaw occurs when using Internet Explorer versions 6 or 7, enabling remote attackers to inject arbitrary web scripts or HTML through the PATH_INFO parameter to the plugin/tag endpoint. Malicious exploitation of this vulnerability could lead to unauthorized access or data manipulation within affected systems. It is crucial for users of the Freetag plugin to ensure they are updated to version 2.96 or later to mitigate this security risk.

References

http://blog.s9y.org/archives/190-Freetag-plugin-updated-t...

x_refsource_CONFIRM

http://www.bitsploit.de/uploads/Code/200802080000/

x_refsource_MISC

http://secunia.com/advisories/28852

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 13, 2008
Vulnerability Reserved
Feb 13, 2008

JSON

S9y

What is CVE-2008-0751?

References

Timeline