CVE-2026-48832 | THREATINT

Description

action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability.

PUBLISHED Reserved 2026-05-24 | Published 2026-05-24 | Updated 2026-05-26 | Assigner mitre

LOW: 3.5CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N

Problem types

CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

Product status

Default status

unaffected

Any version before 4.4.15

affected

References

blog.spip.net/...securite-sortie-de-SPIP-4-4-15.html?lang=fr

git.spip.net/...mit/75629034697ab52a963a340afd10930407e1cd55

git.spip.net/...mit/a22cb8a56f1e37ff3854b73ff3f66aa3df47070a

cve.org (CVE-2026-48832)

nvd.nist.gov (CVE-2026-48832)

Download JSON

help @ threatint.eu