Multiple cross-site scripting (XSS) vulnerabilities in the component /spip.php of Spip Web Framework v3.1.13 and below allows attackers to execute arbitrary web scripts or HTML.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | spip | < 3.2.8-1 | spip_3.2.8-1_all.deb |
Debian | 11 | all | spip | < 3.2.8-1 | spip_3.2.8-1_all.deb |
Debian | 10 | all | spip | < 3.2.4-1+deb10u3 | spip_3.2.4-1+deb10u3_all.deb |
Debian | 999 | all | spip | < 3.2.8-1 | spip_3.2.8-1_all.deb |
Debian | 13 | all | spip | < 3.2.8-1 | spip_3.2.8-1_all.deb |