CVE-2013-2118
spip - privilege escalation
EPSS 12.0%
Description
SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
How to fix CVE-2013-2118
To remediate CVE-2013-2118, upgrade the affected package to a fixed version below.
- Debian/spip—upgrade to 2.1.22-1 or later
- Debian/spip—upgrade to 2.1.1-3squeeze6 or later
Is CVE-2013-2118 being exploited?
Moderate — EPSS is 12.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 2.1.22-1
- from 0, < 2.1.1-3squeeze6