Lucene search
Ubuntu.comUB:CVE-2013-7303HistoryJan 30, 2014 - 12:00 a.m.
CVE-2013-7303
2014-01-3000:00:00
ubuntu.com
ubuntu.com
8
0.003 Low
EPSS
Percentile
69.7%
Multiple cross-site scripting (XSS) vulnerabilities in (1)
squelettes-dist/formulaires/inscription.php and (2)
prive/forms/editer_auteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13
allow remote attackers to inject arbitrary web script or HTML via the
author name field.
Bugs
Notes
| Author | Note |
|---|---|
| seth-arnold | Might be βlowβ or βnegligibleβ if the author is the one to inject the XSS and if the author is generally allowed arbitrary HTML input somewhere else. |
Related
debiancve
debiancve
CVE-2013-7303
2014-01-30 21:55:00
cve
cve
CVE-2013-7303
2014-01-30 21:55:00
prion
prion
Cross site scripting
2014-01-30 21:55:00
cvelist
cvelist
CVE-2013-7303
2014-01-30 21:00:00