SPIP is a Web-based content publishing system. A cross-site scripting vulnerability exists in SPIP, which stems from the lack of proper validation of client-side data by the WEB application. An attacker could exploit the vulnerability to execute client-side code.