Описание
Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking a crafted SVG logo that redirects to a potentially dangerous URL through improper file upload filtering.
Уязвимые конфигурации
EPSS
8.8 High
CVSS3
6.1 Medium
CVSS3
Дефекты
Связанные уязвимости
Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking a crafted SVG logo that redirects to a potentially dangerous URL through improper file upload filtering.
Spip 4.1.10 contains a file upload vulnerability that allows attackers ...
Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking a crafted SVG logo that redirects to a potentially dangerous URL through improper file upload filtering.
EPSS
8.8 High
CVSS3
6.1 Medium
CVSS3