Vulnerabilities in s9y
4 resultsCVE-2023-53933HIGHSerendipity 2.4.0 Authenticated Remote Code Execution via File UploadEPSS 0.9%CVE-2026-39971HIGHSerendipity: Host Header Injection leads to SMTP header injection via unvalidated HTTP_HOSTEPSS 0.3%CVE-2026-39963MEDIUMSerendipity: Host Header Injection enables authentication cookie scoping to an attacker-controlled domainEPSS 0.2%CVE-2023-53932MEDIUMSerendipity 2.4.0 Stored Cross-Site Scripting via Admin Entry CreationEPSS 0.2%