CVE-2020-28984

Publication date

2020-11-23 21:48:53

Family

mitre

State

PUBLISHED

Description

prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, display_navigation, display_outils, imessage, and spip_ecran parameters.