icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Serendipity < 0.7-beta3 Multiple Vulnerabilities

High

Synopsis

The remote web server contains a script that is vulnerable to a SQL injection attack.

Description

The remote host is running a vulnerable version of Serendipity Web Log. Version 0.7beta1 is prone to both cross-site scripting (XSS) and SQL Injection attacks. Versions prior to 0.7beta3 should also be upgraded.

Solution

Upgrade to version 0.7beta3 or higher.