Spip · Spip · CVE-2026-48832
**Name of the Vulnerable Software and Affected Versions**
SPIP versions prior to 4.4.15
**Description**
The 'action/cookie.php' endpoint in the 'ecrire' component is subject to an open redirect, which occurs when an application redirects users to an external site without sufficient validation of the destination URL.
**Recommendations**
Update to version 4.4.15 or later.