PT-2019-15973 · Spip+1 · Spip+1

Alexis Zucca

·

Published

2019-12-13

·

Updated

2022-05-03

·

CVE-2019-19830

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions SPIP versions 3.2.x through 3.2.6
Description The issue allows remote authenticated authors to inject content into the database.
Recommendations For SPIP versions 3.2.x through 3.2.6, update to version 3.2.7 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2019-19830
DSA-4583-1
USN-4536-1

Affected Products

Spip
Ubuntu