← Back to CVE List

CVE-2016-7999

Published: 2017-01-18T17:59Z
Last Modified: 2024-11-21T02:58Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to conduct server side request forgery (SSRF) attacks via a URL in the var_url parameter in a valider_xml action. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt