Candidate: CVE-2016-9681
PublicDate: 2016-12-25 17:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9681
 https://github.com/s9y/Serendipity/commit/e2a665e13b7de82a71c9bbb77575d15131b722be
 https://smarterbitbybit.com/cve-2016-9681-serendipity-cms-xss-vulnerability-in-version-2-0-4/
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in Serendipity before
 2.0.5 allow remote authenticated users to inject arbitrary web script or
 HTML via a category or directory name.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N [5.4 MEDIUM]

Patches_serendipity:
upstream_serendipity: released (2.0.5)
precise_serendipity: ignored (reached end-of-life)
precise/esm_serendipity: DNE (precise was needed)
trusty_serendipity: DNE
trusty/esm_serendipity: DNE
vivid/stable-phone-overlay_serendipity: DNE
vivid/ubuntu-core_serendipity: DNE
xenial_serendipity: DNE
yakkety_serendipity: DNE
zesty_serendipity: DNE
devel_serendipity: DNE