Launchpad.net

CVE 2020-28984

prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, display_navigation, display_outils, imessage, and spip_ecran parameters.

Related bugs and status

CVE-2020-28984 (Candidate) is related to these bugs:

Bug #1971185: Multiple vulnerabilities in Bionic and Impish

		In	Importance	Status
1971185	Multiple vulnerabilities in Bionic and Impish	spip (Ubuntu)	Undecided	Fix Released
1971185	Multiple vulnerabilities in Bionic and Impish	spip (Ubuntu Bionic)	Undecided	Fix Released
1971185	Multiple vulnerabilities in Bionic and Impish	spip (Ubuntu Impish)	Undecided	Fix Released

Bug #1978555: Multiple vulnerabilities in Focal and Jammy

		In	Importance	Status
1978555	Multiple vulnerabilities in Focal and Jammy	spip (Ubuntu)	Medium	Fix Released
1978555	Multiple vulnerabilities in Focal and Jammy	spip (Ubuntu Focal)	Undecided	New
1978555	Multiple vulnerabilities in Focal and Jammy	spip (Ubuntu Jammy)	Undecided	New

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2020-28984

Related bugs and status

Related bugs

References