Lucene search
GoogleOSV:CVE-2021-44122HistoryJan 26, 2022 - 12:15 p.m.
CVE-2021-44122
2022-01-2612:15:07
Google
osv.dev
7
spip 4.0.0
cross site request forgery
csrf
xss
vulnerability
malicious code
authenticated attacker
exploit
SPIP 4.0.0 is affected by a Cross Site Request Forgery (CSRF) vulnerability in ecrire/public/aiguiller.php, ecrire/public/balises.php, ecrire/balise/formulaire_.php. To exploit the vulnerability, a visitor must visit a malicious website which redirects to the SPIP website. It is also possible to combine XSS vulnerabilities in SPIP 4.0.0 to exploit it. The vulnerability allows an authenticated attacker to execute malicious code without the knowledge of the user on the website (CSRF).
Related
cvelist
cvelist
CVE-2021-44122
2022-01-26 11:47:55
cnvd
cnvd
SPIP Cross-site Request Forgery Vulnerability (CNVD-2022-08190)
2022-01-28 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-01-26 12:15:00
veracode
veracode
Cross-site Request Forgery (CSRF)
2022-02-07 22:32:45
debiancve
debiancve
CVE-2021-44122
2022-01-26 12:15:07
ubuntucve
ubuntucve
CVE-2021-44122
2022-01-26 00:00:00
nvd
nvd
CVE-2021-44122
2022-01-26 12:15:07
cve
cve
CVE-2021-44122
2022-01-26 12:15:07
osv
osv
spip - security update
2021-12-22 00:00:00
spip - security update
2021-12-29 00:00:00
spip vulnerabilities
2023-03-02 10:15:19
openvas
openvas
Debian: Security Advisory (DLA-2867-1)
2021-12-30 00:00:00
SPIP < 3.2.12, 4.x < 4.0.1 Multiple Vulnerabilities
2022-01-27 00:00:00
Debian: Security Advisory (DSA-5028-1)
2021-12-23 00:00:00
nessus
nessus
Ubuntu 20.04 LTS : SPIP vulnerabilities (USN-5482-2)
2023-03-02 00:00:00
Ubuntu 18.04 LTS : SPIP vulnerabilities (USN-5482-1)
2022-06-17 00:00:00
ubuntu
ubuntu
SPIP vulnerabilities
2022-06-16 00:00:00
SPIP vulnerabilities
2023-03-02 00:00:00