PublicDate: 2008-04-23 13:05:00 UTC
Candidate: CVE-2008-1386
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1386
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in the installer in
 Serendipity (S9Y) 1.3 allow remote attackers to inject arbitrary web script
 or HTML via (1) unspecified path fields or (2) the database host field. 
 NOTE: the timing window for exploitation of this issue might be limited.
Ubuntu-Description:
Notes:
 jdstrand> vulenerable code not present per Debian
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_serendipity:
upstream_serendipity: needs-triage
dapper_serendipity: DNE
feisty_serendipity: not-affected
gutsy_serendipity: not-affected
hardy_serendipity: not-affected
devel_serendipity: not-affected