Security Advisory

CVE-2013-7303

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-01-30 21:00:00

Last updated 2024-08-06 18:01:20

Assigner debian

State PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in (1) squelettes-dist/formulaires/inscription.php and (2) prive/forms/editer_auteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13 allow remote attackers to inject arbitrary web script or HTML via the author name field.

← Browse all CVEs View on cve.org ↗