Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2016-9152

Cross-site scripting (XSS) vulnerability in ecrire/exec/plonger.php in SPIP 3.1.3 allows remote attackers to inject arbitrary web script or HTML via the rac parameter.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://core.spip.net/...
BID: 94658
SECTRACK: 1037392

Launchpad.net

CVE 2016-9152

Related bugs

References