CVE-2020-28984

Priority
Description
prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does not
properly validate the couleur, display, display_navigation, display_outils,
imessage, and spip_ecran parameters.
Notes
Package
Source: spip (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 18.04 LTS:needs-triage
Ubuntu 20.04 LTS:needs-triage
Ubuntu 21.10:not-affected (3.2.8-1)
Ubuntu 22.04 LTS:not-affected (3.2.8-1)
Ubuntu 14.04 ESM:DNE
Patches:
More Information

Updated: 2022-04-25 00:49:50 UTC (commit ecc1009cb19540b950de59270950018900f37f15)