CVE-2016-9152

Опубликовано: 05 дек. 2016

Источник: ubuntu

Приоритет: medium

CVSS2: 4.3

CVSS3: 6.1

Описание

Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in SPIP 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the rac parameter.

Релиз	Статус	Примечание
bionic	not-affected	3.1.4-4~deb9u3build0.18.04.1
devel	not-affected
esm-apps/bionic	not-affected	3.1.4-4~deb9u3build0.18.04.1
esm-apps/focal	not-affected
esm-apps/jammy	not-affected
esm-apps/noble	not-affected
esm-apps/xenial	needed
esm-infra-legacy/trusty	DNE
focal	not-affected
groovy	not-affected

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2016-9152

CVSS3: 6.1

nvd

около 9 лет назад

Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in SPIP 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the rac parameter.

CVE-2016-9152

CVSS3: 6.1

debian

около 9 лет назад

Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in ...

GHSA-ppjh-hcf6-gp63

CVSS3: 6.1

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in SPIP 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the rac parameter.

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2016-9152

Описание

Пакет spip

Ссылки на источники

Связанные уязвимости