CVE-2012-4331Cross-site Scripting in Spip

4 documents4 sources
Severity
10.0CRITICALNVD
OSV4.3
EPSS
0.4%
top 37.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SpipDebian Spip
Timeline
PublishedAug 14
Latest updateMay 17

Description

Multiple unspecified vulnerabilities in SPIP before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 have unknown impact and attack vectors that are not related to cross-site scripting (XSS), different vulnerabilities than CVE-2012-2151.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

debiandebian/spip< spip 2.1.13-1 (bullseye)
Debianspip/spip< 2.1.13-1+2
NVDspip/spip5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-2phr-4qpj-wc46: Multiple unspecified vulnerabilities in SPIP before 12022-05-17
OSV
CVE-2012-4331: Multiple unspecified vulnerabilities in SPIP before 12012-08-14

📋Vendor Advisories

1
Debian
CVE-2012-4331: spip - Multiple unspecified vulnerabilities in SPIP before 1.9.2.o, 2.0.x before 2.0.18...2012
CVE-2012-4331 — Cross-site Scripting in Debian Spip | cvebase