SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability. To exploit the vulnerability, a visitor must browse to a malicious SVG file. The vulnerability allows an authenticated malicious user to inject malicious code running on the client side into web pages visited by other users (stored XSS).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
spip spip 4.0.0 |