CVE-2010-2957

Vulnerability

Serendipity versions prior to 1.5.4 contain a cross-site scripting (XSS) vulnerability that is triggered through unspecified vectors when the "Remember me" login feature is enabled in the backend [1][2][3]. The issue was discovered and reported by High-Tech Bridge and fixed by the Serendipity team within 24 hours [3].

Exploitation

An attacker can exploit this vulnerability only if the targeted Serendipity installation has the "Remember me" feature activated in the backend [1][2][3]. The attacking vector requires no authentication beyond the affected feature being enabled; the attacker can inject arbitrary web script or HTML via unspecified vectors [2].

Impact

Successful exploitation allows a remote attacker to perform cross-site scripting attacks, potentially leading to session hijacking, defacement, or theft of sensitive information within the context of the affected Serendipity backend session [1][2][3].

Mitigation

The vulnerability is fixed in Serendipity version 1.5.4, released on an unspecified date prior to 2010-08-29 [3]. Users can patch the issue by replacing only the file include/functions_config.inc.php with the updated version from the release, or by applying the provided patch [3]. No workaround is available for versions prior to 1.5.4 other than upgrading or disabling the "Remember me" feature.