SPIP Multiple Vulnerabilities Fixed by 3.1.2 and 3.0.23


Description   Several cross-site scripting vulnerabilities were reported in SPIP's core. A remote attacker could exploit them by enticing their victim into following a specially formed link in order to execute arbitrary JavaScript or HTML code.

No further information was available at the time of the initial report.

Updated 2016-11-17: further information is available for these vulnerabilities.

- Stored cross-site scripting. A remote attacker could exploit it in order to execute arbitrary JavaScript or HTML code by inciting their victim into following a specially formed link. This vulnerability is located in the message posting feature of the internal forum and stems from a lack of validation of user-supplied links: a link carried in a posted message is emitted without its scheme being checked, so the payload runs when a victim follows it.

- Cross-site scripting. A remote attacker could exploit it in order to execute arbitrary JavaScript or HTML code by inciting their victim into following a specially formed link. This vulnerability is located in the private message editing feature.

An additional vulnerability, fixed by the same versions of SPIP, has been added:

- HTTP header injection. A remote attacker could exploit it in order to access sensitive information and potentially compromise a user account by redirecting the victim's response to a malicious server. This vulnerability is located in the password recovery feature. The mailing-list reference below identifies it as a Host header injection: if the recovery link is derived from the request's Host header, a recovery request submitted for the victim with an attacker-controlled Host header yields an e-mail whose link points at the attacker's server, which then receives the recovery token when the victim follows it.

Proofs of concept are available.
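As an added illustration, not code from SPIP or from the advisory (SPIP itself is PHP, but the pattern is language-neutral), the following Python shows the two defect classes named above beside their fixes: a link normaliser that refuses `javascript:`-style schemes before a user-supplied link is emitted into a forum message, and a password-recovery URL builder that takes its host from server-side configuration instead of the request's Host header. The host names, the `/reset` path, the recovery token and the request headers are constructed values.

```python
"""Added illustration of the advisory's two defect classes (constructed; not SPIP code)."""
import html
import re
from typing import Optional
from urllib.parse import quote, urlsplit

# Schemes a user-posted link may carry. Everything else (javascript:, data:,
# vbscript:, ...) is refused rather than escaped: HTML-escaping the attribute
# value does not stop a javascript: href from executing when it is followed.
SAFE_LINK_SCHEMES = {"http", "https", "mailto"}
# Browsers drop ASCII control characters inside a URL, so "java\tscript:" reads
# as "javascript:" to them; strip them before looking at the scheme.
CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")


def normalise_link(url: str) -> Optional[str]:
    """Return the link to emit, or None if it must not be emitted as an href."""
    cleaned = CONTROL_CHARS.sub("", url).strip()
    # urlsplit lower-cases the scheme, so "JaVaScRiPt:" is caught as well.
    # Scheme-less (relative) links are refused too under this strict policy.
    if urlsplit(cleaned).scheme not in SAFE_LINK_SCHEMES:
        return None
    return cleaned


def render_link_unchecked(url: str, text: str) -> str:
    """Vulnerable pattern: the user-supplied link is emitted as-is."""
    return f'<a href="{url}">{text}</a>'


def render_link(url: str, text: str) -> str:
    """Fixed pattern: refuse unsafe schemes, escape the rest, fall back to plain text."""
    safe = normalise_link(url)
    if safe is None:
        return html.escape(text)
    return f'<a href="{html.escape(safe)}" rel="noopener nofollow">{html.escape(text)}</a>'


# ---- password recovery link -------------------------------------------------
CANONICAL_HOST = "www.example.org"               # constructed: the site's configured public host
ALLOWED_HOSTS = {CANONICAL_HOST, "example.org"}  # constructed: hosts the site legitimately serves


def reset_url_from_host_header(headers: dict, token: str) -> str:
    """Vulnerable pattern: the e-mailed link's authority comes from the request.

    A recovery request for the victim sent with "Host: attacker.example" makes the
    site e-mail the victim a link to the attacker's server, which receives the
    recovery token when the victim follows it.
    """
    return f"https://{headers.get('Host', '')}/reset?token={quote(token, safe='')}"


def reset_url_from_config(headers: dict, token: str) -> str:
    """Fixed pattern: the authority comes from configuration, never from request data.

    If several public hosts must be served, the Host header may select one from
    an allowlist; any unknown value falls back to the canonical host.
    """
    host = headers.get("Host", "").lower()
    if host not in ALLOWED_HOSTS:
        host = CANONICAL_HOST
    return f"https://{host}/reset?token={quote(token, safe='')}"


if __name__ == "__main__":
    # Constructed forum-post payloads and recovery requests.
    print(render_link_unchecked("javascript:alert(document.cookie)", "click me"))
    print(render_link("javascript:alert(document.cookie)", "click me"))
    print(render_link("https://example.org/?a=1&b=2", "<b>bold?</b>"))
    print(reset_url_from_host_header({"Host": "attacker.example"}, "s3cr3t"))
    print(reset_url_from_config({"Host": "attacker.example"}, "s3cr3t"))
```

The scheme allowlist is deliberately a positive list: a denylist of `javascript:` alone misses `data:` and `vbscript:`, and the control-character stripping is what makes the check agree with how browsers actually parse the href. For the recovery link, the only reliable fix is to stop deriving the authority from the request; the allowlist is there for multi-host deployments and still never lets an unknown Host reach the e-mail.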
     
Vulnerable Products   Vulnerable Software:
SPIP (SPIP) - 3.0, 3.0.1, 3.0.10, 3.0.11, 3.0.13, ..., 3.0.7, 3.0.8, 3.0.9, 3.1.0, 3.1.1
     
Solution   Versions 3.1.2 and 3.0.23 of SPIP fix these vulnerabilities.
     
CVE  
     
References   - SPIP: C'est la rentrée pour SPIP : SPIP 3.1.2 et SPIP 3.0.23 sont disponibles (Back to school for SPIP: SPIP 3.1.2 and SPIP 3.0.23 are available)
https://blog.spip.net/C-est-la-rentree-pour-SPIP-SPIP-3-1-2-et-SPIP-3-0-23-sont-disponibles.html
- Full Disclosure (seclists.org): SPIP 3.1: XSS & Host Header Injection
http://seclists.org/fulldisclosure/2016/Nov/92
     
Vulnerability Manager Detection   No
     
IPS Protection   ASQ Engine alarm: XSS - Prevention - GET : javascript code found in URL
Available since: 3.2.0
This alarm matches JavaScript code carried in GET request URLs; no alarm is listed for the HTTP header injection in the password recovery feature.
     
Risk level   Low

Vulnerability First Public Report Date   2016-09-23

Target Type   Server

Possible exploit   Remote