Vulnerabilities

CVE-2013-7303

by Fred · 30/01/2014

Multiple cross-site scripting (XSS) vulnerabilities in (1) squelettes-dist/formulaires/inscription.php and (2) prive/forms/editer_auteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13 allow remote attackers to inject arbitrary web script or HTML via the author name field.

Date published : 2014-01-30

http://core.spip.org/projects/spip/repository/revisions/20902

http://www.spip.net/fr_article5648.html

Related

Tags: Cybersecurity Alert