Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-52322

Disclosure Date: January 04, 2024 (last updated January 19, 2024)
ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0