Vulnerability Details : CVE-2020-28984
prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, display_navigation, display_outils, imessage, and spip_ecran parameters.
Threat overview for CVE-2020-28984
Top countries where our scanners detected CVE-2020-28984
Top open port discovered on systems with this issue 80
IPs affected by CVE-2020-28984 19
Threat actors abusing to this issue? Yes
Find out if you* are affected by CVE-2020-28984!
*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2020-28984
Probability of exploitation activity in the next 30 days: 0.16%
CVSS scores for CVE-2020-28984
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|
References for CVE-2020-28984
[SECURITY] [DLA 2505-1] spip security updateMailing List;Third Party Advisory
Comparing 8eb11ba132...0cb72efbf5 - spip - SPIP on GITRelease Notes;Vendor Advisory
n'enregistrer que les preferences licites (g0uZ) · ae4267eba1 - spip - SPIP on GITPatch;Vendor Advisory
Debian -- Security Information -- DSA-4798-1 spipThird Party Advisory