spip jeux CVE Vulnerabilities (1)

CVEs: 1 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting spip jeux (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 11 of 1 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-27746 The SPIP jeux plugin versions prior to 4.1.1 contain a reflected cross-site scripting (XSS) vulnerability in the pre_propre pipeline. The plugin incorporates untrusted request parameters into HTML output without proper output encoding, allowing attackers to inject arbitrary script content into pages that render a jeux block. When a victim is induced to visit a crafted URL, the injected content is reflected into the response and executed in the victim's browser context. [email protected] 5.1 0.20% 2026-02-24 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence