SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/puce_statut.php involving the `$id` parameter, as demonstrated by a /ecrire/?exec=puce_statut URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
spip spip 3.1.0 |
||
spip spip 3.1.1 |
||
spip spip 3.1.2 |
||
spip spip 3.1.3 |