Multiple cross-site scripting (XSS) vulnerabilities in (1) squelettes-dist/formulaires/inscription.php and (2) prive/forms/editer_auteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13 allow remote attackers to inject arbitrary web script or HTML via the author name field.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: debian
Published: 2014-01-30T21:00:00
Updated: 2024-08-06T18:01:20.570Z
Reserved: 2014-01-20T00:00:00
Link: CVE-2013-7303
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-01-30T21:55:04.670
Modified: 2017-08-29T01:34:07.043
Link: CVE-2013-7303
Redhat
No data.