Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-71240

SPIP before 4.2.15 allows Cross-Site Scripting (XSS) via crafted content in HTML code tags. The application does not properly verify JavaScript within code tags, allowing an attacker to inject malicious scripts that execute in a victim's browser.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.9%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2025-71240
  • Spip » Spip » Version: 4.2.0
    cpe:2.3:a:spip:spip:4.2.0
  • Spip » Spip » Version: 4.2.1
    cpe:2.3:a:spip:spip:4.2.1
  • Spip » Spip » Version: 4.2.10
    cpe:2.3:a:spip:spip:4.2.10
  • Spip » Spip » Version: 4.2.11
    cpe:2.3:a:spip:spip:4.2.11
  • Spip » Spip » Version: 4.2.12
    cpe:2.3:a:spip:spip:4.2.12
  • Spip » Spip » Version: 4.2.13
    cpe:2.3:a:spip:spip:4.2.13
  • Spip » Spip » Version: 4.2.14
    cpe:2.3:a:spip:spip:4.2.14
  • Spip » Spip » Version: 4.2.2
    cpe:2.3:a:spip:spip:4.2.2
  • Spip » Spip » Version: 4.2.3
    cpe:2.3:a:spip:spip:4.2.3
  • Spip » Spip » Version: 4.2.4
    cpe:2.3:a:spip:spip:4.2.4
  • Spip » Spip » Version: 4.2.5
    cpe:2.3:a:spip:spip:4.2.5
  • Spip » Spip » Version: 4.2.6
    cpe:2.3:a:spip:spip:4.2.6
  • Spip » Spip » Version: 4.2.7
    cpe:2.3:a:spip:spip:4.2.7
  • Spip » Spip » Version: 4.2.8
    cpe:2.3:a:spip:spip:4.2.8
  • Spip » Spip » Version: 4.2.9
    cpe:2.3:a:spip:spip:4.2.9


Products
Pricing
Contact Us

Shodan ® - All rights reserved