It exists that SPIP incorrectly handled certain forms. A remote authenticated editor could possibly use this issue to execute arbitrary code, and a remote unauthenticated attacker could possibly use this issue to obtain sensitive information. (CVE-2022-26846, CVE-2022-26847)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
spip spip 4.0.0 |