This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Metrics
Affected Vendors & Products
No data.
No data.
No data.
References
No reference.
History
Thu, 19 Feb 2026 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | SPIP before 4.4.8 allows Cross-Site Scripting (XSS) in the public area for certain edge-case usage patterns. The echapper_html_suspect() function does not adequately detect all forms of malicious content, permitting an attacker to inject scripts that execute in a visitor's browser. This vulnerability is not mitigated by the SPIP security screen. | This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| Title | SPIP < 4.4.8 Cross-Site Scripting in Public Area | |
| Weaknesses | CWE-79 | |
| CPEs | ||
| Vendors & Products |
Spip
Spip spip |
|
| References |
|
|
| Metrics |
cvssV3_1
|
Thu, 19 Feb 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | SPIP before 4.4.8 allows Cross-Site Scripting (XSS) in the public area for certain edge-case usage patterns. The echapper_html_suspect() function does not adequately detect all forms of malicious content, permitting an attacker to inject scripts that execute in a visitor's browser. This vulnerability is not mitigated by the SPIP security screen. | |
| Title | SPIP < 4.4.8 Cross-Site Scripting in Public Area | |
| First Time appeared |
Spip
Spip spip |
|
| Weaknesses | CWE-79 | |
| CPEs | cpe:2.3:a:spip:spip:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Spip
Spip spip |
|
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: REJECTED
Assigner: VulnCheck
Published: 2026-02-19T14:58:17.715Z
Updated: 2026-02-19T15:25:46.903Z
Reserved: 2026-02-19T03:00:22.782Z
Link: CVE-2025-71246
Vulnrichment
No data.
NVD
Status : Rejected
Published: 2026-02-19T16:27:12.790
Modified: 2026-02-19T16:27:12.790
Link: CVE-2025-71246
Redhat
No data.