EUVD-2026-8607
The SPIP interfacetraductionobjets plugin versions prior to 4.3.3 contain an authenticated remote code execution vulnerability in the translation interface workflow. The plugin incorporates untrusted request data into a hidden form field that is rendered without SPIP output filtering. Because...