CVE-2023-52322

Published: 2024-01-04T07:15Z

Last Modified: 2024-11-21T08:39Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt