core/plugins/medias in SPIP 3.2.x before 3.2.7 allows remote authenticated authors to inject content into the database.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Spip | Spip | 3.2.0 (including) | 3.2.7 (excluding) |
Spip | Ubuntu | disco | * |
Spip | Ubuntu | eoan | * |
Spip | Ubuntu | esm-apps/bionic | * |
Spip | Ubuntu | trusty | * |
Spip | Ubuntu | upstream | * |