CVE-2016-7999Server-Side Request Forgery in Spip

CWE-918Server-Side Request Forgery4 documents4 sources
Severity
7.4HIGHNVD
EPSS
0.7%
top 26.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SpipDebian Spip
Timeline
PublishedJan 18
Latest updateMay 17

Description

ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to conduct server side request forgery (SSRF) attacks via a URL in the var_url parameter in a valider_xml action.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:NExploitability: 2.8 | Impact: 4.0

Affected Packages3 packages

debiandebian/spip< spip 3.1.3-1 (bullseye)
Debianspip/spip< 3.1.3-1+2
NVDspip/spip3.1.2

Patches

Patch: www.openwall.comPatch: www.openwall.comPatch: core.spip.net

🔴Vulnerability Details

2
GHSA
GHSA-7fjq-6rmc-pgwr: ecrire/exec/valider_xml2022-05-17
OSV
CVE-2016-7999: ecrire/exec/valider_xml2017-01-18

📋Vendor Advisories

1
Debian
CVE-2016-7999: spip - ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to...2016
CVE-2016-7999 — Server-Side Request Forgery in Spip | cvebase