CVE-2011-1134

Published: 05 November 2019

Cross-Site Scripting (XSS) in Xinha, as included in the Serendipity package before 1.5.5, allows remote attackers to execute arbitrary code in the image manager.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
dotlrn
Launchpad, Ubuntu, Debian
Upstream
Released (2.5.0+dfsg-2)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected)
openacs
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was not-affected)
serendipity
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist