exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2025-71241

около 2 месяцев назад

SPIP before 4.3.6, 4.2.17, and 4.1.20 allows Cross-Site Scripting (XSS) in the private area. The content of the error message displayed by the 'transmettre' API is not properly sanitized, allowing an attacker to inject malicious scripts. This vulnerability is mitigated by the SPIP security screen.

CVSS3: 6.1

EPSS: Низкий

CVE-2025-71241

около 2 месяцев назад

SPIP before 4.3.6, 4.2.17, and 4.1.20 allows Cross-Site Scripting (XSS) in the private area. The content of the error message displayed by the 'transmettre' API is not properly sanitized, allowing an attacker to inject malicious scripts. This vulnerability is mitigated by the SPIP security screen.

CVSS3: 6.1

EPSS: Низкий

CVE-2025-71241

около 2 месяцев назад

SPIP before 4.3.6, 4.2.17, and 4.1.20 allows Cross-Site Scripting (XSS ...

CVSS3: 6.1

EPSS: Низкий

GHSA-rpjf-2xrw-h2w5

около 2 месяцев назад

SPIP before 4.3.6, 4.2.17, and 4.1.20 allows Cross-Site Scripting (XSS) in the private area. The content of the error message displayed by the 'transmettre' API is not properly sanitized, allowing an attacker to inject malicious scripts. This vulnerability is mitigated by the SPIP security screen.

CVSS3: 5.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-71241 SPIP before 4.3.6, 4.2.17, and 4.1.20 allows Cross-Site Scripting (XSS) in the private area. The content of the error message displayed by the 'transmettre' API is not properly sanitized, allowing an attacker to inject malicious scripts. This vulnerability is mitigated by the SPIP security screen.	CVSS3: 6.1	0% Низкий	около 2 месяцев назад
CVE-2025-71241 SPIP before 4.3.6, 4.2.17, and 4.1.20 allows Cross-Site Scripting (XSS) in the private area. The content of the error message displayed by the 'transmettre' API is not properly sanitized, allowing an attacker to inject malicious scripts. This vulnerability is mitigated by the SPIP security screen.	CVSS3: 6.1	0% Низкий	около 2 месяцев назад
CVE-2025-71241 SPIP before 4.3.6, 4.2.17, and 4.1.20 allows Cross-Site Scripting (XSS ...	CVSS3: 6.1	0% Низкий	около 2 месяцев назад
GHSA-rpjf-2xrw-h2w5 SPIP before 4.3.6, 4.2.17, and 4.1.20 allows Cross-Site Scripting (XSS) in the private area. The content of the error message displayed by the 'transmettre' API is not properly sanitized, allowing an attacker to inject malicious scripts. This vulnerability is mitigated by the SPIP security screen.	CVSS3: 5.4	0% Низкий	около 2 месяцев назад

Уязвимостей на страницу