Homepage

spip vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the spip package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Cross-site Scripting (XSS)

<3.2.11-3+deb11u10
  • C
CVE-2023-27372

<3.2.11-3+deb11u7
  • C
SQL Injection

<3.2.11-3+deb11u6
  • H
CVE-2022-37155

<3.2.11-3+deb11u5
  • M
Cross-site Scripting (XSS)

<3.2.8-1
  • H
SQL Injection

<3.2.8-1
  • H
Improper Encoding or Escaping of Output

<3.2.8-1
  • M
Information Exposure

<3.2.11-3+deb11u3
  • H
CVE-2022-26846

<3.2.11-3+deb11u3
  • M
Cross-site Scripting (XSS)

<3.2.11-3+deb11u1
  • H
Unrestricted Upload of File with Dangerous Type

<3.2.11-3+deb11u1
  • M
Cross-site Scripting (XSS)

<3.2.11-3+deb11u1
  • H
Cross-site Request Forgery (CSRF)

<3.2.11-3+deb11u1
  • C
CVE-2020-28984

<3.2.8-1
  • M
Improper Input Validation

<3.2.7-1
  • M
Information Exposure

<3.2.5-1
  • M
Cross-site Scripting (XSS)

<3.2.5-1
  • M
CVE-2019-16391

<3.2.5-1
  • M
Open Redirect

<3.2.5-1
  • H
Improper Input Validation

<3.2.4-1
  • M
Cross-site Scripting (XSS)

<3.1.4-4
  • C
OS Command Injection

<3.1.4-3
  • M
Cross-site Scripting (XSS)

<3.1.3-1
  • H
Improper Input Validation

<3.1.3-1
  • H
Directory Traversal

<3.1.3-1
  • H
Server-Side Request Forgery (SSRF)

<3.1.3-1
  • H
Cross-site Request Forgery (CSRF)

<3.1.3-1
  • M
Cross-site Scripting (XSS)

<3.1.4-2
  • M
Cross-site Scripting (XSS)

<3.1.4-2
  • M
Cross-site Scripting (XSS)

<3.1.4-2
  • C
Arbitrary Code Injection

<3.0.22-1
  • C
Arbitrary Code Injection

<3.0.22-1
  • M
Cross-site Scripting (XSS)

<3.0.13-1
  • H
Arbitrary Code Injection

<2.1.24-1
  • M
Cross-site Scripting (XSS)

<2.1.24-1
  • M
Cross-site Request Forgery (CSRF)

<2.1.24-1
  • H
CVE-2013-2118

<2.1.22-1
  • C
CVE-2012-4331

<2.1.13-1
  • L
Cross-site Scripting (XSS)

<2.1.13-1
  • M
Access Restriction Bypass

<2.0.9-1
  • C
CVE-2008-5812

<2.0.6-1
  • H
SQL Injection

<2.0.6-1
  • H
Arbitrary Code Injection

<2.0.6-1
  • H
CVE-2006-1702

<2.0.6-1
  • M
CVE-2006-1295

<2.0.6-1
  • M
CVE-2006-0625

<2.0.6-1
  • M
CVE-2006-0626

<2.0.6-1
  • M
CVE-2006-0517

<2.0.6-1
  • M
CVE-2006-0519

<2.0.6-1
  • M
CVE-2006-0518

<2.0.6-1
  • M
CVE-2005-4494

<2.0.6-1