First published: Thu Jan 04 2024(Updated: )
ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
<4.1.13 | ||
>=4.2.0<4.2.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.