Spip : Security Vulnerabilities, CVEs, Published In 2014 CVSS score >= 3
Multiple cross-site scripting (XSS) vulnerabilities in (1) squelettes-dist/formulaires/inscription.php and (2) prive/forms/editer_auteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13 allow remote attackers to inject arbitrary web script or HTML via the author name field.
Max CVSS
4.3
EPSS Score
0.31%
Published
2014-01-30
Updated
2017-08-29
1 vulnerabilities found