CVE-2012-2151 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in SPIP 1.9.x before 1.9.2.o 2.0.x before 2.0.18 and 2.1.x before 2.1.13 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Reference

http://archives.rezo.net/archives/spip-en.mbox/U5QUZ6WJRAJC7H5BR7W5SQG6WCD3PXL7/ http://secunia.com/advisories/48939 http://www.debian.org/security/2012/dsa-2461 http://www.openwall.com/lists/oss-security/2012/04/30/4 http://www.openwall.com/lists/oss-security/2012/05/01/4 http://www.osvdb.org/81473 http://www.securityfocus.com/bid/53216 http://www.securitytracker.com/id?1026970 https://exchange.xforce.ibmcloud.com/vulnerabilities/75104