SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/info_plugin.php involving the `$plugin` parameter, as demonstrated by a /ecrire/?exec=info_plugin URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
spip spip 3.1.1 |
||
spip spip 3.1.2 |
||
spip spip 3.1.0 |
||
spip spip 3.1.3 |