CVE-2013-4557
EPSS 69.5%
Description
The Security Screen (_core_/securite/ecran_securite.php) before 1.1.8 for SPIP, as used in SPIP 3.0.x before 3.0.12, allows remote attackers to execute arbitrary PHP via the connect parameter.
How to fix CVE-2013-4557
To remediate CVE-2013-4557, upgrade the affected package to the fixed version listed below.
- Debian/spip: upgrade to 2.1.24-1 or later
Is CVE-2013-4557 being exploited?
Likely — EPSS is 69.5%, placing CVE-2013-4557 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (1)
- Debian/spip: from 0, < 2.1.24-1