What is the severity of CVE-2008-0124?

CVE-2008-0124 is classified as a medium severity cross-site scripting (XSS) vulnerability.

How do I fix CVE-2008-0124?

To fix CVE-2008-0124, upgrade Serendipity to version 1.3-beta1 or later.

What versions of Serendipity are affected by CVE-2008-0124?

CVE-2008-0124 affects all Serendipity versions prior to 1.3-beta1, including versions 0.3 to 1.2.

What is the impact of CVE-2008-0124?

The impact of CVE-2008-0124 allows authenticated users to inject arbitrary web scripts or HTML, potentially compromising user data.

Who is at risk from CVE-2008-0124?

Remote authenticated users of the affected Serendipity versions are at risk from CVE-2008-0124 due to the XSS vulnerability.

Vulnerability/
CVE-2008-0124

medium

4.3

CWE

28/2/2008

7/8/2024

CVE-2008-0124: XSS

First published: Thu Feb 28 2008(Updated: )

Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before 1.3-beta1 allows remote authenticated users to inject arbitrary web script or HTML via (1) the "Real name" field in Personal Settings, which is presented to readers of articles; or (2) a file upload, as demonstrated by a .htm, .html, or .js file.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Serendipity (S9Y) Freetag Event	=0.5
Serendipity (S9Y) Freetag Event	=0.8_beta5
Serendipity (S9Y) Freetag Event	=1.0.3
Serendipity (S9Y) Freetag Event	=1.1.4
Serendipity (S9Y) Freetag Event	=0.4
Serendipity (S9Y) Freetag Event	=0.7
Serendipity (S9Y) Freetag Event	=1.0.4
Serendipity (S9Y) Freetag Event	=0.7_beta1
Serendipity (S9Y) Freetag Event	=1.0_beta3
Serendipity (S9Y) Freetag Event	=0.8.2
Serendipity (S9Y) Freetag Event	=0.6_rc1
Serendipity (S9Y) Freetag Event	=1.1.1
Serendipity (S9Y) Freetag Event	=0.8_beta_6_snapshot
Serendipity (S9Y) Freetag Event	=0.7.1
Serendipity (S9Y) Freetag Event	=0.5_pl1
Serendipity (S9Y) Freetag Event	=0.6_pl2
Serendipity (S9Y) Freetag Event	=1.0_beta2
Serendipity (S9Y) Freetag Event	=0.7_beta3
Serendipity (S9Y) Freetag Event	=0.8_beta6
Serendipity (S9Y) Freetag Event	=0.7_beta4
Serendipity (S9Y) Freetag Event	=0.6_pl1
Serendipity (S9Y) Freetag Event	=0.8.1
Serendipity (S9Y) Freetag Event	=0.8
Serendipity (S9Y) Freetag Event	=1.2.1
Serendipity (S9Y) Freetag Event	=0.3
Serendipity (S9Y) Freetag Event	=0.6_pl3
Serendipity (S9Y) Freetag Event	=0.9.1
Serendipity (S9Y) Freetag Event	=0.6_rc2
Serendipity (S9Y) Freetag Event	=1.2__beta5
Serendipity (S9Y) Freetag Event	=1.1.3
Serendipity (S9Y) Freetag Event	=1.2
Serendipity (S9Y) Freetag Event	=0.7_beta2
Serendipity (S9Y) Freetag Event	=0.7_rc1
Serendipity (S9Y) Freetag Event	=0.6

Remedy

http://blog.s9y.org/archives/191-Serendipity-1.3-beta1-released.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-0124?
CVE-2008-0124 is classified as a medium severity cross-site scripting (XSS) vulnerability.
How do I fix CVE-2008-0124?
To fix CVE-2008-0124, upgrade Serendipity to version 1.3-beta1 or later.
What versions of Serendipity are affected by CVE-2008-0124?
CVE-2008-0124 affects all Serendipity versions prior to 1.3-beta1, including versions 0.3 to 1.2.
What is the impact of CVE-2008-0124?
The impact of CVE-2008-0124 allows authenticated users to inject arbitrary web scripts or HTML, potentially compromising user data.
Who is at risk from CVE-2008-0124?
Remote authenticated users of the affected Serendipity versions are at risk from CVE-2008-0124 due to the XSS vulnerability.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/remedy
agent/author
agent/weakness
agent/severity
agent/references
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/s9y
canonical/serendipity (s9y) freetag event
version/serendipity (s9y) freetag event/0.5
version/serendipity (s9y) freetag event/0.8_beta5
version/serendipity (s9y) freetag event/1.0.3
version/serendipity (s9y) freetag event/1.1.4
version/serendipity (s9y) freetag event/0.4
version/serendipity (s9y) freetag event/0.7
version/serendipity (s9y) freetag event/1.0.4
version/serendipity (s9y) freetag event/0.7_beta1
version/serendipity (s9y) freetag event/1.0_beta3
version/serendipity (s9y) freetag event/0.8.2
version/serendipity (s9y) freetag event/0.6_rc1
version/serendipity (s9y) freetag event/1.1.1
version/serendipity (s9y) freetag event/0.8_beta_6_snapshot
version/serendipity (s9y) freetag event/0.7.1
version/serendipity (s9y) freetag event/0.5_pl1
version/serendipity (s9y) freetag event/0.6_pl2
version/serendipity (s9y) freetag event/1.0_beta2
version/serendipity (s9y) freetag event/0.7_beta3
version/serendipity (s9y) freetag event/0.8_beta6
version/serendipity (s9y) freetag event/0.7_beta4
version/serendipity (s9y) freetag event/0.6_pl1
version/serendipity (s9y) freetag event/0.8.1
version/serendipity (s9y) freetag event/0.8
version/serendipity (s9y) freetag event/1.2.1
version/serendipity (s9y) freetag event/0.3
version/serendipity (s9y) freetag event/0.6_pl3
version/serendipity (s9y) freetag event/0.9.1
version/serendipity (s9y) freetag event/0.6_rc2
version/serendipity (s9y) freetag event/1.2__beta5
version/serendipity (s9y) freetag event/1.1.3
version/serendipity (s9y) freetag event/1.2
version/serendipity (s9y) freetag event/0.7_beta2
version/serendipity (s9y) freetag event/0.7_rc1
version/serendipity (s9y) freetag event/0.6

CVE-2008-0124: XSS

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-0124?

How do I fix CVE-2008-0124?

What versions of Serendipity are affected by CVE-2008-0124?

What is the impact of CVE-2008-0124?

Who is at risk from CVE-2008-0124?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2008-0124?

How do I fix CVE-2008-0124?

What versions of Serendipity are affected by CVE-2008-0124?

What is the impact of CVE-2008-0124?

Who is at risk from CVE-2008-0124?