Unrated severityNVD Advisory· Published Oct 21, 2004· Updated Jun 16, 2026
CVE-2004-1620
CVE-2004-1620
Description
CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php, or (3) the HTTP Referer field in comment.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <0.7rc1
- Range: <0.7rc1
Patches
Vulnerability mechanics
References
13- secunia.com/advisories/12909/nvdExploitPatchVendor Advisory
- www.s9y.org/5.htmlnvdExploitPatchVendor Advisory
- www.securityfocus.com/bid/11497nvdExploitPatchVendor Advisory
- cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/comment.phpnvd
- cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/exit.phpnvd
- cvs.sourceforge.net/viewcvs.py/php-blog/serendipity/index.phpnvd
- marc.infonvd
- securitytracker.com/idnvd
- sourceforge.net/project/shownotes.phpnvd
- www.osvdb.org/11013nvd
- www.osvdb.org/11038nvd
- www.osvdb.org/11039nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/17798nvd
News mentions
0No linked articles in our index yet.