Homepage

spip vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the spip package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Information Exposure

<3.0.17-2+deb8u5
  • M
Cross-site Scripting (XSS)

<3.0.17-2+deb8u5
  • M
CVE-2019-16391

<3.0.17-2+deb8u5
  • M
Open Redirect

<3.0.17-2+deb8u5
  • M
Cross-site Scripting (XSS)

<3.0.17-2+deb8u4
  • H
Directory Traversal

<3.0.17-2+deb8u3
  • H
Server-Side Request Forgery (SSRF)

<3.0.17-2+deb8u3
  • M
Cross-site Scripting (XSS)

<3.0.17-2+deb8u3
  • H
Improper Input Validation

<3.0.17-2+deb8u3
  • H
Cross-site Request Forgery (CSRF)

<3.0.17-2+deb8u3
  • M
Cross-site Scripting (XSS)

<3.0.17-2+deb8u3
  • M
Cross-site Scripting (XSS)

<3.0.17-2+deb8u3
  • M
Cross-site Scripting (XSS)

<3.0.17-2+deb8u3
  • C
Arbitrary Code Injection

<3.0.17-2+deb8u2
  • C
Arbitrary Code Injection

<3.0.17-2+deb8u2
  • M
Cross-site Scripting (XSS)

<3.0.13-1
  • M
Cross-site Request Forgery (CSRF)

<2.1.24-1
  • H
Arbitrary Code Injection

<2.1.24-1
  • M
Cross-site Scripting (XSS)

<2.1.24-1
  • H
CVE-2013-2118

<2.1.22-1
  • C
CVE-2012-4331

<2.1.13-1
  • M
Cross-site Scripting (XSS)

<2.1.13-1
  • H
Access Restriction Bypass

<2.0.9-1
  • H
SQL Injection

<2.0.6-1
  • C
CVE-2008-5812

<2.0.6-1
  • H
Arbitrary Code Injection

<2.0.6-1
  • H
CVE-2006-1702

<2.0.6-1
  • M
CVE-2006-1295

<2.0.6-1
  • H
CVE-2006-0626

<2.0.6-1
  • M
CVE-2006-0625

<2.0.6-1
  • M
CVE-2006-0518

<2.0.6-1
  • H
CVE-2006-0517

<2.0.6-1
  • M
CVE-2006-0519

<2.0.6-1
  • L
CVE-2005-4494

<2.0.6-1