Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2026/02/26 4:15 a.m.7 views

CVE-2026-27745

The SPIP interfacetraductionobjets plugin versions prior to 2.2.2 contain an authenticated remote code execution vulnerability in the translation interface workflow. The plugin incorporates untrusted request data into a hidden form field that is rendered without SPIP output filtering. Because...

8.8CVSS6.4AI score0.00761EPSS
Exploits0References1
osv
osv
added 2026/02/25 3:8 a.m.10 views

CVE-2026-27745 SPIP interface_traduction_objets < 2.2.2 Authenticated RCE

The SPIP interfacetraductionobjets plugin versions prior to 2.2.2 contain an authenticated remote code execution vulnerability in the translation interface workflow. The plugin incorporates untrusted request data into a hidden form field that is rendered without SPIP output filtering. Because...

8.7CVSS6.6AI score0.00761EPSS
Exploits0References8
vulnrichment
vulnrichment
added 2026/02/25 3:8 a.m.5 views

CVE-2026-27745 SPIP interface_traduction_objets < 2.2.2 Authenticated RCE

The SPIP interfacetraductionobjets plugin versions prior to 2.2.2 contain an authenticated remote code execution vulnerability in the translation interface workflow. The plugin incorporates untrusted request data into a hidden form field that is rendered without SPIP output filtering. Because...

8.8CVSS6.5AI score0.00761EPSS
Exploits0References5
cvelist
cvelist
added 2026/02/25 3:8 a.m.30 views

CVE-2026-27745 SPIP interface_traduction_objets < 2.2.2 Authenticated RCE

The SPIP interfacetraductionobjets plugin versions prior to 2.2.2 contain an authenticated remote code execution vulnerability in the translation interface workflow. The plugin incorporates untrusted request data into a hidden form field that is rendered without SPIP output filtering. Because...

8.8CVSS0.00761EPSS
Exploits0References5
cve
cve
added 2026/02/25 3:8 a.m.12 views

CVE-2026-27745

The CVE-2026-27745 entry concerns the SPIP plugin interface_traduction_objets, affected when using versions prior to 4.3.3. An authenticated attacker with editor-level privileges can exploit an authenticated RCE vulnerability by injecting crafted content into a hidden form field populated with un...

8.8CVSS6.3AI score0.00761EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder