CVE-2016-7981

2017-01-18T17:59:00
ID CVE-2016-7981
Type cve
Reporter cve@mitre.org
Modified 2017-01-23T23:48:00

Description

Cross-site scripting (XSS) vulnerability in valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.