Unrated severityOSV Advisory· Published Dec 17, 2025· Updated Apr 7, 2026
Serendipity 2.4.0 Stored Cross-Site Scripting via Admin Entry Creation
CVE-2023-53932
Description
Serendipity 2.4.0 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through blog entry creation. Attackers can craft entries with JavaScript payloads that will execute when other users view the compromised blog post.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 2.1-beta1, 2.1-beta2, 2.1-beta3, …
- Range: = 2.4.0
Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/51373mitreexploit
- www.vulncheck.com/advisories/serendipity-stored-cross-site-scripting-via-admin-entry-creationmitrethird-party-advisory
- docs.s9y.orgmitreproduct
News mentions
0No linked articles in our index yet.