CVE-2013-7303

2014-01-30T21:55:00
ID CVE-2013-7303
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:34:00

Description

Multiple cross-site scripting (XSS) vulnerabilities in (1) squelettes-dist/formulaires/inscription.php and (2) prive/forms/editer_auteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13 allow remote attackers to inject arbitrary web script or HTML via the author name field.