CVE-2007-6205
 
Public Exploits: 1
Exploited in Wild: -
Descriptions
Cross-site scripting (XSS) vulnerability in the remote RSS sidebar plugin (serendipity_plugin_remoterss) in S9Y Serendipity before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a link in an RSS feed.
The Serendipity blog system contains a plugin to display the content of feeds in the sidebar (serendipity_plugin_remoterss). If an attacker can modify the RSS feed, it is possible to inject JavaScript code in the link part, because it is not correctly escaped. Versions below 1.2.1 are affected.
SSVC
- Decision: -
Timeline
- 2007-12-03 CVE Reserved
- 2007-12-11 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-09-06 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
References (11)
URL | Tag | Source |
---|---|---|
http://blog.s9y.org/archives/187-Serendipity-1.2.1-released.html | X_refsource_confirm | |
http://osvdb.org/39143 | Vdb Entry | |
http://secunia.com/advisories/29502 | Third Party Advisory | |
http://securityreason.com/securityalert/3437 | Third Party Advisory | |
http://www.securityfocus.com/archive/1/484800/100/0/threaded | Mailing List | |
http://www.vupen.com/english/advisories/2007/4171 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/38947 | Vdb Entry | |

URL | Date | SRC |
---|---|---|
http://www.int21.de/cve/CVE-2007-6205-s9y.html | 2024-08-07 | |
http://www.securityfocus.com/bid/26783 | 2018-10-15 | |
http://secunia.com/advisories/28012 | 2018-10-15 | |
http://www.debian.org/security/2008/dsa-1528 | 2018-10-15 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
S9y | Serendipity | 0.3 | - | Affected |
S9y | Serendipity | 0.4 | - | Affected |
S9y | Serendipity | 0.5 | - | Affected |
S9y | Serendipity | 0.5_pl1 | - | Affected |
S9y | Serendipity | 0.6 | - | Affected |
S9y | Serendipity | 0.6_pl1 | - | Affected |
S9y | Serendipity | 0.6_pl2 | - | Affected |
S9y | Serendipity | 0.6_pl3 | - | Affected |
S9y | Serendipity | 0.6_rc1 | - | Affected |
S9y | Serendipity | 0.6_rc2 | - | Affected |
S9y | Serendipity | 0.7 | - | Affected |
S9y | Serendipity | 0.7.1 | - | Affected |
S9y | Serendipity | 0.7_beta1 | - | Affected |
S9y | Serendipity | 0.7_beta2 | - | Affected |
S9y | Serendipity | 0.7_beta3 | - | Affected |
S9y | Serendipity | 0.7_beta4 | - | Affected |
S9y | Serendipity | 0.7_rc1 | - | Affected |
S9y | Serendipity | 0.8 | - | Affected |
S9y | Serendipity | 0.8.1 | - | Affected |
S9y | Serendipity | 0.8.2 | - | Affected |
S9y | Serendipity | 0.8.3 | - | Affected |
S9y | Serendipity | 0.8.4 | - | Affected |
S9y | Serendipity | 0.8.5 | - | Affected |
S9y | Serendipity | 0.8_beta_5 | - | Affected |
S9y | Serendipity | 0.8_beta_6 | - | Affected |
S9y | Serendipity | 0.8_beta5 | - | Affected |
S9y | Serendipity | 0.8_beta6 | - | Affected |
S9y | Serendipity | 0.9 | - | Affected |
S9y | Serendipity | 0.9.1 | - | Affected |
S9y | Serendipity | 1.0.3 | - | Affected |
S9y | Serendipity | 1.0.4 | - | Affected |
S9y | Serendipity | 1.0_beta1 | - | Affected |
S9y | Serendipity | 1.0_beta2 | - | Affected |
S9y | Serendipity | 1.0_beta3 | - | Affected |
S9y | Serendipity | 1.1.1 | - | Affected |
S9y | Serendipity | 1.1.3 | - | Affected |
S9y | Serendipity | 1.1.4 | - | Affected |