This script is Copyright (C) 2004-2012 Tenable Network Security, Inc.
The remote web server contains a PHP application that is affected by a
cross-site scripting flaw.
The remote version of Serendipity is vulnerable to cross-site
scripting attacks due to a lack of sanity checks on the 'searchTerm'
parameter in the 'compat.php' script. With a specially crafted URL,
an attacker can cause arbitrary code execution in a user's browser
resulting in a loss of integrity.
See also :
Upgrade to Serendipity 0.7.1 or newer.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true