CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Spip: >> Spip >> 4.3.3 Security Vulnerabilities

CVE-2024-53620

A cross-site scripting (XSS) vulnerability in the Article module of SPIP v4.3.3 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter.

CVSS Score

4.8

EPSS Score

0.001

Published

2024-11-26

CVE-2024-53619

An authenticated arbitrary file upload vulnerability in the Documents module of SPIP v4.3.3 allows attackers to execute arbitrary code via uploading a crafted PDF file.

CVSS Score

6.3

EPSS Score

0.002

Published

2024-11-26

Page 1

Vulnerabilities

Vulnerable Software

Spip: >> Spip >> 4.3.3 Security Vulnerabilities

Products

Pricing

Contact Us