4 matches found
[SECURITY] [DSA 4228-1] spip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4228-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 14, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4228-1] spip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4228-1 [email protected] https://www.debian.org/security/ Sebastien Delafond June 14, 2018 https://www.debian.org/security/faq -...
CVE-2017-15736
Cross-site scripting XSS vulnerability stored in SPIP before 3.1.7 allows remote attackers to inject arbitrary web script or HTML via a crafted string, as demonstrated by a PGP field, related to prive/objets/contenu/auteur.html and ecrire/inc/textemini.php...
CVE-2017-15736
CVE-2017-15736 is a stored XSS in SPIP (pre-3.1.7) exploitable via crafted strings in the PGP field, related to prive/objets/contenu/auteur.html and ecrire/inc/texte_mini.php. Affected versions: SPIP before 3.1.7. Remediation: upgrade to SPIP 3.1.7 or later. Exploitation details are not described...