Serendipity < 0.7.0rc1 HTTP Response Splitting
Medium Nessus Network Monitor Plugin ID 2367
SynopsisThe remote host is vulnerable to a Cross-Site Scripting (XSS) attack.
DescriptionThe remote host is running Serendipity, a weblog written in PHP.
The remote version of this software is vulnerable to a HTTP response splitting vulnerability that may allow an attacker to perform a cross-site scripting attack against the remote host.
SolutionUpgrade to Serendipity 0.7.0rc1 or higher.