CVE-2011-4090
CVE-2011-4090
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS —EPSS 3.1%KEV nãoPoC públicaNuclei —Metasploit —Patch —
Lifecycle
03 Nov 2011Public PoC
26 Nov 2019Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
Serendipity before 1.6 has an XSS issue in the karma plugin which may allow privilege escalation.
Affected products
serendipity · serendipitypublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/36283unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →