Linux Distros Unpatched Vulnerability : CVE-2019-16392

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages. CVE-2019-16392 Note that Nessus relies on the presence of the...

[SECURITY] [DSA 4532-1] spip security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4532-1 [email protected] https://www.debian.org/security/ Sebastien Delafond September 25, 2019 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4532-1] spip security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4532-1 [email protected] https://www.debian.org/security/ Sebastien Delafond September 25, 2019 https://www.debian.org/security/faq -...

SPIP < 3.1.11, 3.2.x < 3.2.5 Multiple Vulnerabilities

SPIP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:spip:spip"; ifdescription...

CVE-2019-16392

SPIP vulnerability CVE-2019-16392 affects SPIP prior to 3.1.11 and 3.2 prior to 3.2.5. The issue is a cross-site scripting (XSS) through error messages exposed by login.php, allowing a remote attacker to trigger script execution via crafted input. The impact is described in CVSS terms as medium s...