CVE-2019-11870 (serendipity)

Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/media_choose.tpl Editor Preview feature or the templates/2k11/admin/media_items.tpl Media Library feature.
Source: NIST
CVE-2019-11870 (serendipity)

Leave a Reply

Your email address will not be published.