Vulnerabilities > Spip > Spip > 2.1.24
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-01-30 | CVE-2013-7303 | Cross-Site Scripting vulnerability in Spip Multiple cross-site scripting (XSS) vulnerabilities in (1) squelettes-dist/formulaires/inscription.php and (2) prive/forms/editer_auteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13 allow remote attackers to inject arbitrary web script or HTML via the author name field. | 4.3 |