CVE-2008-0751
published 2008-02-13CVE-2008-0751: Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote attackers to…
PriorityP416medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
2.22%
80.5th percentile
Cross-site scripting (XSS) vulnerability in the Freetag before 2.96 plugin for S9Y Serendipity, when using Internet Explorer 6 or 7, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to plugin/tag/.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| s9y | serendipity_event_freetag | < 2.96 | 2.96 |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://blog.s9y.org/archives/190-Freetag-plugin-updated-to-prevent-XSS.htmlhttp://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060122.htmlhttp://secunia.com/advisories/28852http://www.bitsploit.de/uploads/Code/200802080000/http://www.securityfocus.com/bid/27697https://exchange.xforce.ibmcloud.com/vulnerabilities/40376http://blog.s9y.org/archives/190-Freetag-plugin-updated-to-prevent-XSS.htmlhttp://lists.grok.org.uk/pipermail/full-disclosure/2008-February/060122.htmlhttp://secunia.com/advisories/28852http://www.bitsploit.de/uploads/Code/200802080000/http://www.securityfocus.com/bid/27697https://exchange.xforce.ibmcloud.com/vulnerabilities/40376
2008-02-13
Published