← Back to CVE List
CVE-2024-23659
Published:
2024-01-19T05:15Z
Last Modified:
2024-11-21T08:58Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
SPIP before 4.1.14 and 4.2.x before 4.2.8 allows XSS via the name of an uploaded file. This is related to javascript/bigup.js and javascript/bigup.utils.js. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt