Security Advisory

CVE-2022-28960

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-05-19 20:26:14

Last updated 2024-08-03 06:10:57

Assigner mitre

State PUBLISHED

A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire.