Описание
ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 4.1.13+dfsg-1 |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | not-affected | 4.1.13+dfsg-1 |
| esm-apps/xenial | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needs-triage | |
| lunar | ignored | end of life, was needs-triage |
Показывать по
10
6.1 Medium
CVSS3
Связанные уязвимости
CVSS3: 6.1
nvd
около 2 лет назад
ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics.
CVSS3: 6.1
debian
около 2 лет назад
ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2 ...
CVSS3: 6.1
github
около 2 лет назад
ecrire/public/assembler.php in SPIP before 4.1.3 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics.
6.1 Medium
CVSS3