CVE-2025-71246 | SPIP up to 4.4.7 echapper_html_suspect cross site scripting

Inserito da Angelo Barbosa | Feb 19, 2026 | CVE

A vulnerability was found in SPIP up to 4.4.7 and classified as problematic. The affected element is the function echapper_html_suspect. Executing a manipulation can lead to cross site scripting.

The identification of this vulnerability is CVE-2025-71246. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2025-71246 | SPIP up to 4.4.7 echapper_html_suspect cross site scripting

Post correlati

CVE-2024-4306 | Ofofonobs HubBank 1.0.2 Document Field unrestricted upload

CVE-2024-42010 | RoundCube up to 1.5.7/1.6.7 Cascading Style Sheet mod_css_styles information disclosure

CVE-2024-30109 | HCL DRYiCE AEX 10 Web Application ui layer (KB0114193)

CVE-2023-41165 | Stormshield Network Security Services SNS Firewall access control