Security Advisory

CVE-2023-53900

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-16 17:06:24

Last updated 2026-04-07 14:07:23

Assigner VulnCheck

State PUBLISHED

Description

Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking a crafted SVG logo that redirects to a potentially dangerous URL through improper file upload filtering.

← Browse all CVEs View on cve.org ↗