Page 2 of 11 results (0.001 seconds)
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44118 – Ubuntu Security Notice USN-5482-2
https://notcve.org/view.php?id=CVE-2021-44118
26 Jan 2022 — SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability. To exploit the vulnerability, a visitor must browse to a malicious SVG file. The vulnerability allows an authenticated attacker to inject malicious code running on the client side into web pages visited by other users (stored XSS). SPIP versión 4.0.0 está afectado por una vulnerabilidad de tipo Cross Site Scripting (XSS). Para explotar la vulnerabilidad, un visitante debe navegar a un archivo SVG malicioso. • https://git.spip.net/spip/medias/commit/13c293fabd35e2c152379522c29432423936cbba • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •