1
Candidate: CVE-2013-7303
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7303
6
Multiple cross-site scripting (XSS) vulnerabilities in (1)
7
squelettes-dist/formulaires/inscription.php and (2)
8
prive/forms/editer_auteur.php in SPIP before 2.1.25 and 3.0.x before 3.0.13
9
allow remote attackers to inject arbitrary web script or HTML via the
13
sarnold> Might be 'low' or 'negligible' if the author is the one to inject
14
the XSS and if the author is generally allowed arbitrary HTML input somewhere
17
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736170
23
upstream_spip: released (3.0.13-1)
24
lucid_spip: ignored (reached end-of-life)
25
precise_spip: ignored (reached end-of-life)
26
precise/esm_spip: DNE (precise was needed)
27
quantal_spip: ignored (reached end-of-life)
28
raring_spip: ignored (reached end-of-life)
29
saucy_spip: ignored (reached end-of-life)
30
trusty_spip: not-affected (3.0.13-1)
31
utopic_spip: not-affected (3.0.13-1)
32
vivid_spip: not-affected (3.0.13-1)
33
vivid/stable-phone-overlay_spip: DNE
34
vivid/ubuntu-core_spip: DNE
35
wily_spip: not-affected (3.0.13-1)
36
xenial_spip: not-affected (3.0.13-1)
37
yakkety_spip: not-affected (3.0.13-1)
38
zesty_spip: not-affected (3.0.13-1)
39
devel_spip: not-affected (3.0.13-1)