exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2026-27473

около 1 месяца назад

SPIP before 4.4.9 allows Stored Cross-Site Scripting (XSS) via syndicated sites in the private area. The #URL_SYNDIC output is not properly sanitized on the private syndicated site page, allowing an attacker who can set a malicious syndication URL to inject persistent scripts that execute when other administrators view the syndicated site details.

CVSS3: 6.4

EPSS: Низкий

CVE-2026-27473

около 1 месяца назад

SPIP before 4.4.9 allows Stored Cross-Site Scripting (XSS) via syndicated sites in the private area. The #URL_SYNDIC output is not properly sanitized on the private syndicated site page, allowing an attacker who can set a malicious syndication URL to inject persistent scripts that execute when other administrators view the syndicated site details.

CVSS3: 6.4

EPSS: Низкий

CVE-2026-27473

около 1 месяца назад

SPIP before 4.4.9 allows Stored Cross-Site Scripting (XSS) via syndica ...

CVSS3: 6.4

EPSS: Низкий

GHSA-fgj6-7f58-836m

около 1 месяца назад

SPIP before 4.4.9 allows Stored Cross-Site Scripting (XSS) via syndicated sites in the private area. The #URL_SYNDIC output is not properly sanitized on the private syndicated site page, allowing an attacker who can set a malicious syndication URL to inject persistent scripts that execute when other administrators view the syndicated site details.

CVSS3: 6.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2026-27473 SPIP before 4.4.9 allows Stored Cross-Site Scripting (XSS) via syndicated sites in the private area. The #URL_SYNDIC output is not properly sanitized on the private syndicated site page, allowing an attacker who can set a malicious syndication URL to inject persistent scripts that execute when other administrators view the syndicated site details.	CVSS3: 6.4	0% Низкий	около 1 месяца назад
CVE-2026-27473 SPIP before 4.4.9 allows Stored Cross-Site Scripting (XSS) via syndicated sites in the private area. The #URL_SYNDIC output is not properly sanitized on the private syndicated site page, allowing an attacker who can set a malicious syndication URL to inject persistent scripts that execute when other administrators view the syndicated site details.	CVSS3: 6.4	0% Низкий	около 1 месяца назад
CVE-2026-27473 SPIP before 4.4.9 allows Stored Cross-Site Scripting (XSS) via syndica ...	CVSS3: 6.4	0% Низкий	около 1 месяца назад
GHSA-fgj6-7f58-836m SPIP before 4.4.9 allows Stored Cross-Site Scripting (XSS) via syndicated sites in the private area. The #URL_SYNDIC output is not properly sanitized on the private syndicated site page, allowing an attacker who can set a malicious syndication URL to inject persistent scripts that execute when other administrators view the syndicated site details.	CVSS3: 6.4	0% Низкий	около 1 месяца назад

Уязвимостей на страницу