What is the severity of CVE-2013-4556?

CVE-2013-4556 is classified as a medium severity vulnerability due to its cross-site scripting (XSS) nature.

How do I fix CVE-2013-4556?

To fix CVE-2013-4556, you should upgrade your SPIP installation to version 3.0.12 or later, and 2.1.24 or later.

What versions of SPIP are affected by CVE-2013-4556?

CVE-2013-4556 affects SPIP versions prior to 2.1.24 and 3.0.x before 3.0.12.

What is the impact of CVE-2013-4556 on web security?

The impact of CVE-2013-4556 includes allowing remote attackers to inject arbitrary HTML or web scripts into the author page.

Is CVE-2013-4556 still a concern for modern SPIP installations?

CVE-2013-4556 is not a concern for modern SPIP installations if they have been updated to versions that address this vulnerability.

Vulnerability/
CVE-2013-4556

medium

4.3

CWE

15/11/2013

6/8/2024

CVE-2013-4556: XSS

First published: Fri Nov 15 2013(Updated: )

Cross-site scripting (XSS) vulnerability in the author page (prive/formulaires/editer_auteur.php) in SPIP before 2.1.24 and 3.0.x before 3.0.12 allows remote attackers to inject arbitrary web script or HTML via the url_site parameter.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
debian/spip		3.2.4-1+deb10u9 3.2.4-1+deb10u11 3.2.11-3+deb11u9 3.2.11-3+deb11u7 4.1.9+dfsg-1+deb12u2 4.1.12+dfsg-1
SPIP SPIP	<=2.1.23
SPIP SPIP	=2.0.0
SPIP SPIP	=2.0.1
SPIP SPIP	=2.0.2
SPIP SPIP	=2.0.3
SPIP SPIP	=2.0.4
SPIP SPIP	=2.0.5
SPIP SPIP	=2.0.6
SPIP SPIP	=2.0.7
SPIP SPIP	=2.0.8
SPIP SPIP	=2.0.9
SPIP SPIP	=2.0.10
SPIP SPIP	=2.0.11
SPIP SPIP	=2.0.12
SPIP SPIP	=2.0.13
SPIP SPIP	=2.0.14
SPIP SPIP	=2.0.15
SPIP SPIP	=2.0.16
SPIP SPIP	=2.0.17
SPIP SPIP	=2.0.18
SPIP SPIP	=2.0.19
SPIP SPIP	=2.0.20
SPIP SPIP	=2.0.21
SPIP SPIP	=2.0.22
SPIP SPIP	=2.1.1
SPIP SPIP	=2.1.2
SPIP SPIP	=2.1.3
SPIP SPIP	=2.1.4
SPIP SPIP	=2.1.5
SPIP SPIP	=2.1.6
SPIP SPIP	=2.1.7
SPIP SPIP	=2.1.8
SPIP SPIP	=2.1.9
SPIP SPIP	=2.1.10
SPIP SPIP	=2.1.11
SPIP SPIP	=2.1.12
SPIP SPIP	=2.1.13
SPIP SPIP	=2.1.14
SPIP SPIP	=2.1.15
SPIP SPIP	=2.1.16
SPIP SPIP	=2.1.17
SPIP SPIP	=2.1.18
SPIP SPIP	=2.1.19
SPIP SPIP	=2.1.20
SPIP SPIP	=2.1.21
SPIP SPIP	=2.1.22
SPIP SPIP	=3.0.0
SPIP SPIP	=3.0.1
SPIP SPIP	=3.0.2
SPIP SPIP	=3.0.3
SPIP SPIP	=3.0.4
SPIP SPIP	=3.0.5
SPIP SPIP	=3.0.6
SPIP SPIP	=3.0.7
SPIP SPIP	=3.0.8
SPIP SPIP	=3.0.9
SPIP SPIP	=3.0.10
SPIP SPIP	=3.0.11

Remedy

http://core.spip.org/projects/spip/repository/revisions/20879

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-4556?
CVE-2013-4556 is classified as a medium severity vulnerability due to its cross-site scripting (XSS) nature.
How do I fix CVE-2013-4556?
To fix CVE-2013-4556, you should upgrade your SPIP installation to version 3.0.12 or later, and 2.1.24 or later.
What versions of SPIP are affected by CVE-2013-4556?
CVE-2013-4556 affects SPIP versions prior to 2.1.24 and 3.0.x before 3.0.12.
What is the impact of CVE-2013-4556 on web security?
The impact of CVE-2013-4556 includes allowing remote attackers to inject arbitrary HTML or web scripts into the author page.
Is CVE-2013-4556 still a concern for modern SPIP installations?
CVE-2013-4556 is not a concern for modern SPIP installations if they have been updated to versions that address this vulnerability.

collector/security-tracker-debian
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/references
agent/author
agent/severity
agent/weakness
agent/remedy
agent/last-modified-date
agent/first-publish-date
agent/event
agent/description
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
package-manager/debian
vendor/spip
canonical/spip spip
version/spip spip/2.1.23
version/spip spip/2.0.0
version/spip spip/2.0.1
version/spip spip/2.0.2
version/spip spip/2.0.3
version/spip spip/2.0.4
version/spip spip/2.0.5
version/spip spip/2.0.6
version/spip spip/2.0.7
version/spip spip/2.0.8
version/spip spip/2.0.9
version/spip spip/2.0.10
version/spip spip/2.0.11
version/spip spip/2.0.12
version/spip spip/2.0.13
version/spip spip/2.0.14
version/spip spip/2.0.15
version/spip spip/2.0.16
version/spip spip/2.0.17
version/spip spip/2.0.18
version/spip spip/2.0.19
version/spip spip/2.0.20
version/spip spip/2.0.21
version/spip spip/2.0.22
version/spip spip/2.1.1
version/spip spip/2.1.2
version/spip spip/2.1.3
version/spip spip/2.1.4
version/spip spip/2.1.5
version/spip spip/2.1.6
version/spip spip/2.1.7
version/spip spip/2.1.8
version/spip spip/2.1.9
version/spip spip/2.1.10
version/spip spip/2.1.11
version/spip spip/2.1.12
version/spip spip/2.1.13
version/spip spip/2.1.14
version/spip spip/2.1.15
version/spip spip/2.1.16
version/spip spip/2.1.17
version/spip spip/2.1.18
version/spip spip/2.1.19
version/spip spip/2.1.20
version/spip spip/2.1.21
version/spip spip/2.1.22
version/spip spip/3.0.0
version/spip spip/3.0.1
version/spip spip/3.0.2
version/spip spip/3.0.3
version/spip spip/3.0.4
version/spip spip/3.0.5
version/spip spip/3.0.6
version/spip spip/3.0.7
version/spip spip/3.0.8
version/spip spip/3.0.9
version/spip spip/3.0.10
version/spip spip/3.0.11

CVE-2013-4556: XSS

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-4556?

How do I fix CVE-2013-4556?

What versions of SPIP are affected by CVE-2013-4556?

What is the impact of CVE-2013-4556 on web security?

Is CVE-2013-4556 still a concern for modern SPIP installations?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2013-4556?

How do I fix CVE-2013-4556?

What versions of SPIP are affected by CVE-2013-4556?

What is the impact of CVE-2013-4556 on web security?

Is CVE-2013-4556 still a concern for modern SPIP installations?