4 matches found
CVE-2019-19830
core/plugins/medias in SPIP 3.2.x before 3.2.7 allows remote authenticated authors to inject content into the database...
CVE-2019-19830
creationtimestamp| type| source ---|---|--- 2024-03-12 16:51:23+00:00| seen| https://t.me/ctinow/205844...
CVE-2019-19830
CVE-2019-19830 affects SPIP 3.2.x before 3.2.7, where the medias plugin (core /plugins/medias) allows a remote authenticated author to inject content into the database due to the underlying vulnerability in the media handling. The issue is a database injection risk that can impact data integrity....
Debian DSA-4583-1 : spip - security update
A vulnerability was discovered in the SPIP publishing system, which could result in unauthorised writes to the database by authors. The oldstable distribution stretch is not affected. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debia...