Download
| Alert*
|
CVE-2020-28984
prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, display_navigation, display_outils, imessage, and spip_ecran parameters. CVE-2022-26846 SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code. CVE-2022-26847 SPIP before 3.2.14 and 4.x before 4.0.5 allows unauthenticated access to information about editorial objects. |
