Published: 14/08/2012 Updated: 29/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in SPIP 1.9.x prior to 1.9.2.o, 2.0.x prior to 2.0.18, and 2.1.x prior to 2.1.13 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
spip spip 1.9
spip spip 1.9.1
spip spip 1.9.2
spip spip 2.0
spip spip 2.1

Debian Bug report logs - #672961 SPIP: Cross-site scripting fixed in new upstream release Package: spip; Maintainer for spip is David Prévot <taffit@debianorg>; Source for spip is src:spip (PTS, buildd, popcon) Reported by: David PrÃ©vot <taffit@debianorg> Date: Mon, 14 May 2012 23:21:02 UTC Severity: grave Tag ...

Debian Bug report logs - #671264 [CVE-2012-2151] spip: multiple XSS Package: spip; Maintainer for spip is David Prévot <taffit@debianorg>; Source for spip is src:spip (PTS, buildd, popcon) Reported by: Luciano Bello <luciano@debianorg> Date: Wed, 2 May 2012 20:09:01 UTC Severity: grave Tags: security, upstream M ...

CWE-79 http://www.osvdb.org/81473 http://www.securityfocus.com/bid/53216 http://archives.rezo.net/archives/spip-en.mbox/U5QUZ6WJRAJC7H5BR7W5SQG6WCD3PXL7/http://secunia.com/advisories/48939 http://www.openwall.com/lists/oss-security/2012/05/01/4 http://www.securitytracker.com/id?1026970 http://www.openwall.com/lists/oss-security/2012/04/30/4 http://www.debian.org/security/2012/dsa-2461 https://exchange.xforce.ibmcloud.com/vulnerabilities/75104 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672961

CVE-2012-2151

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect