CVE-2025-71245 | SPIP up to 4.4.7 IFRAME cross site scripting

Inserito da Angelo Barbosa | Feb 19, 2026 | CVE

A vulnerability has been found in SPIP up to 4.4.7 and classified as problematic. Impacted is an unknown function of the component IFRAME Handler. Performing a manipulation results in cross site scripting.

This vulnerability was named CVE-2025-71245. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.

CVE-2025-71245 | SPIP up to 4.4.7 IFRAME cross site scripting

Post correlati

CVE-2025-66151 | merkulove Countdowner for Elementor Plugin up to 1.0.4 on WordPress authorization

CVE-2025-7413 | code-projects Library System 1.0 profile.php image unrestricted upload

CVE-2023-34980 | QNAP QTS/QuTS hero os command injection (qsa-24-12)

CVE-2024-8839 | PDF-XChange Editor JB2 File Parser out-of-bounds (ZDI-24-1262)