CVE-2022-28959

Multiple cross-site scripting (XSS) vulnerabilities in the component /spip.php of Spip Web Framework v3.1.13 and below allows attackers to execute arbitrary web scripts or HTML. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt