Vigil@nce - SPIP: six vulnerabilities
May 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use six vulnerabilities of SPIP, in order to
elevate his privileges, to obtain information, or to create a
Cross Site Scripting.
Severity: 2/4
Creation date: 23/04/2012
IMPACTED PRODUCTS
– Debian Linux
– SPIP
DESCRIPTION OF THE VULNERABILITY
Three vulnerabilities were announced in SPIP.
If an attacker can change the title of an help page, he can inject
HTML code via ecrire/exec/aide_index.php. [severity:1/4]
An administrator, who is not webmaster, is allowed to alter a
webmaster via ecrire/inc/autoriser.php. [severity:1/4]
The filtre_text_dist() function of the ecrire/inc/filtres_mime.php
file does not correctly filter special characters. [severity:2/4]
An attacker can generate a Cross Site Scripting via the search
feature of the exec_auteurs_args() function in file
ecrire/exec/auteurs.php. [severity:2/4]
An attacker can use a redirection to create a Cross Site Scripting
in ecrire/action/logout.php. [severity:2/4]
One or several other vulnerabilities were announced. Technical
details are unknown. [severity:2/4]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/SPIP-six-vulnerabilities-11563