3 matches found
DEBIAN-CVE-2026-26345
SPIP before 4.4.8 contains a stored cross-site scripting XSS vulnerability in the public area triggered in certain edge-case usage patterns. The echapperhtmlsuspect function does not adequately sanitize user-controlled content, allowing authenticated users with content-editing privileges e.g.,...
CVE-2026-26345 SPIP < 4.4.8 Cross-Site Scripting in Public Area
SPIP before 4.4.8 contains a stored cross-site scripting XSS vulnerability in the public area triggered in certain edge-case usage patterns. The echapperhtmlsuspect function does not adequately sanitize user-controlled content, allowing authenticated users with content-editing privileges e.g.,...
Linux Distros Unpatched Vulnerability : CVE-2026-26345
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SPIP before 4.4.8 contains a stored cross-site scripting XSS vulnerability in the public area triggered in certain edge-case usage patterns. The...