8 matches found
USN-5482-2: SPIP vulnerabilities
USN-5482-1 fixed several vulnerabilities in SPIP. This update provides the corresponding updates for Ubuntu 20.04 LTS for CVE-2021-44118, CVE-2021-44120, CVE-2021-44122 and CVE-2021-44123. Original advisory details: It was discovered that SPIP incorrectly validated inputs. An authenticated attack...
Ubuntu 18.04 LTS : SPIP vulnerabilities (USN-5482-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5482-1 advisory. It was discovered that SPIP incorrectly validated inputs. An authenticated attacker could possibly use this issue to execute arbitrary code. This issue...
USN-5482-1: SPIP vulnerabilities
It was discovered that SPIP incorrectly validated inputs. An authenticated attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2020-28984 Charles Fol and Théo Gordyjan discovered that SPIP is vulnerable to Cross Site Scripting XSS. If a...
Debian DSA-4798-1 : spip - security update
It was discovered that SPIP, a website engine for publishing, did not correctly validate its input. This would allow authenticated users to execute arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...
CVE-2020-28984
prive/formulaires/configurerpreferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, displaynavigation, displayoutils, imessage, and spipecran parameters...
CVE-2020-28984
prive/formulaires/configurerpreferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, displaynavigation, displayoutils, imessage, and spipecran parameters...
CVE-2020-28984
prive/formulaires/configurerpreferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, displaynavigation, displayoutils, imessage, and spipecran parameters...
CVE-2020-28984
CVE-2020-28984 affects SPIP before 3.2.8: prive/formulaires/configurer_preferences.php fails to properly validate couleur, display, display_navigation, display_outils, imessage, and spip_ecran parameters. Public advisories (Ubuntu/Debian) map this to remote code execution or arbitrary data handli...