CVE 2022-28960

A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire.

Related bugs and status

CVE-2022-28960 (Candidate) is related to these bugs:

Bug #1971185: Multiple vulnerabilities in Bionic and Impish

		In	Importance	Status
1971185	Multiple vulnerabilities in Bionic and Impish	spip (Ubuntu)	Undecided	Fix Released
1971185	Multiple vulnerabilities in Bionic and Impish	spip (Ubuntu Bionic)	Undecided	Fix Released
1971185	Multiple vulnerabilities in Bionic and Impish	spip (Ubuntu Impish)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.