Lucene search
Ubuntu.comUB:CVE-2022-28959HistoryMay 19, 2022 - 12:00 a.m.
CVE-2022-28959
2022-05-1900:00:00
ubuntu.com
ubuntu.com
24
0.001 Low
EPSS
Percentile
48.3%
Multiple cross-site scripting (XSS) vulnerabilities in the component
/spip.php of Spip Web Framework v3.1.13 and below allows attackers to
execute arbitrary web scripts or HTML.
References
blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-SPIP-3-2-8-et-SPIP-3-1-13.html
github.com/spip/SPIP/commit/0394b44774555ae8331b6e65e35065dfa0bb41e4
github.com/spip/SPIP/commit/6c1650713fc948318852ace759aab8f1a84791cf
launchpad.net/bugs/cve/CVE-2022-28959
nvd.nist.gov/vuln/detail/CVE-2022-28959
security-tracker.debian.org/tracker/CVE-2022-28959
thinkloveshare.com/hacking/rce_on_spip_and_root_me/
www.cve.org/CVERecord?id=CVE-2022-28959
www.root-me.org/fr/Informations/Faiblesses-decouvertes/
Related
veracode
veracode
Cross-site Scripting (XSS)
2022-05-30 22:49:15
osv
osv
CVE-2022-28959
2022-05-19 21:15:08
spip - security update
2020-11-25 00:00:00
cnvd
cnvd
SPIP cross-site scripting vulnerability
2022-05-23 00:00:00
debiancve
debiancve
CVE-2022-28959
2022-05-19 21:15:00
prion
prion
Cross site scripting
2022-05-19 21:15:00
cvelist
cvelist
CVE-2022-28959
2022-05-19 20:26:11
cve
cve
CVE-2022-28959
2022-05-19 21:15:00
openvas
openvas
SPIP < 3.1.14 Multiple Vulnerabilities
2022-06-01 00:00:00
Debian: Security Advisory (DSA-4798-1)
2020-11-26 00:00:00