CVE-2016-9997

CVE-2016-9997

EPSS 0.9%

SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/puce_statut.php involving the `$id` parameter, as demonstrated by a /ecrire/?exec=puce_statut URL.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://core.spip.net/projects/spip/repository/revisions/23288 http://www.securityfocus.com/bid/95008 http://www.securitytracker.com/id/1037486