PT-2022-18098 · Spip+1 · Spip+1

G0Uz

Published

2022-03-08

Updated

2022-06-16

CVE-2022-26847

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions SPIP versions prior to 3.2.14 SPIP versions 4.x prior to 4.0.5

Description The issue allows unauthenticated access to information about editorial objects.

Recommendations For SPIP versions prior to 3.2.14, update to version 3.2.14 or later. For SPIP versions 4.x prior to 4.0.5, update to version 4.0.5 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2022-26847

DLA-2949-1

DSA-5093-1

USN-5482-1

Affected Products

Spip

Ubuntu

PT-2022-18098 · Spip+1 · Spip+1

CVE-2022-26847

Weakness Enumeration

Related Identifiers

Affected Products

References · 21