VYPR
Unrated severityOSV Advisory· Published Dec 17, 2025· Updated Apr 7, 2026

Serendipity 2.4.0 Stored Cross-Site Scripting via Admin Entry Creation

CVE-2023-53932

Description

Serendipity 2.4.0 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through blog entry creation. Attackers can craft entries with JavaScript payloads that will execute when other users view the compromised blog post.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.