Security Advisory

CVE-2023-52322

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-04 00:00:00
Last updated 2025-06-03 14:42:57
Assigner mitre
State PUBLISHED

Description

ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics.