prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, display_navigation, display_outils, imessage, and spip_ecran parameters.
Max CVSS
9.8
EPSS Score
0.16%
Published
2020-11-23
Updated
2021-02-04
1 vulnerabilities found