CVE-2013-5314

Published: Aug 19, 2013Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in serendipity_admin_image_selector.php in Serendipity 1.6.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the serendipity[htmltarget] parameter.

Affected (36)

Products: S9y: Serendipity

S9y

1 product

Serendipity

Configuration A

36 vulnerable

Vulnerable Software	Affected Versions
S9y Serendipity	Up to 1.6.2
S9y Serendipity	Version 0.3
S9y Serendipity	Version 0.4
S9y Serendipity	Version 0.7.1
S9y Serendipity	Version 0.7
S9y Serendipity	Version 0.8.1
S9y Serendipity	Version 0.8.2
S9y Serendipity	Version 0.8.3
S9y Serendipity	Version 0.8.4
S9y Serendipity	Version 0.8.5
S9y Serendipity	Version 0.8
S9y Serendipity	Version 0.9.1
S9y Serendipity	Version 0.9
S9y Serendipity	Version 1.0.1
S9y Serendipity	Version 1.0.2
S9y Serendipity	Version 1.0.3
S9y Serendipity	Version 1.0.4
S9y Serendipity	Version 1.0
S9y Serendipity	Version 1.1.1
S9y Serendipity	Version 1.1.2
S9y Serendipity	Version 1.1.3
S9y Serendipity	Version 1.1.4
S9y Serendipity	Version 1.1
S9y Serendipity	Version 1.2.1
S9y Serendipity	Version 1.2
S9y Serendipity	Version 1.3.1
S9y Serendipity	Version 1.3
S9y Serendipity	Version 1.4.1
S9y Serendipity	Version 1.4
S9y Serendipity	Version 1.5.1
S9y Serendipity	Version 1.5.2
S9y Serendipity	Version 1.5.3
S9y Serendipity	Version 1.5.4
S9y Serendipity	Version 1.5.5
S9y Serendipity	Version 1.6.1
S9y Serendipity	Version 1.6