SPIP Privilege Escalation Vulnerability in Author Management

Vulnerability

A vulnerability in SPIP versions 4.4.10 through 4.4.12 (fixed in 4.4.13) allows administrator privileges to be assigned unintentionally. The issue arises while editing author data: the STATUT variable is handled improperly, so an account with a role such as 'editor' or 'visitor' can be promoted to 'administrator' by accident.

Impact

Exploitation of this vulnerability can grant administrative rights to unauthorized users, allowing them to access and modify every part of the SPIP site administration.

Reproduction

To reproduce this vulnerability, edit an author's data in SPIP versions 4.4.10 through 4.4.12 (before 4.4.13). During the edit, the STATUT variable is mishandled, which can inadvertently promote the author's role to administrator. After editing, check the list of administrators in the backend, since some accounts may have been incorrectly elevated to admin status.

Remediation

Users should update to SPIP version 4.4.13, which fixes the mishandling of the STATUT variable and prevents the unauthorized privilege escalation. The update can be performed with the SPIP loader or by downloading the latest version from the SPIP website.
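The two defensive points in this entry, a deny-by-default handling of the submitted status during an author edit and the post-edit check of the administrator list, as an added example. This is illustrative code, not SPIP's own; the role names, the in-memory author table and the form layout are assumptions constructed for the example.

```python
# Added example, not SPIP's code: hardened author-status update plus an audit
# helper that lists accounts which became administrator after a batch of edits.
# Role names and the Author record are constructed for illustration.
from dataclasses import dataclass
from typing import Optional

ALLOWED_STATUSES = {"administrator", "editor", "visitor"}


@dataclass
class Author:
    author_id: int
    name: str
    status: str


def resolve_status(current: str, submitted: Optional[str], actor_is_admin: bool) -> str:
    """Decide which status to store after an author edit.

    The submitted status is honoured only when it is present, is a known role
    and the acting user is an administrator. In every other case the existing
    value is kept, so editing unrelated fields can never change a role.
    """
    if submitted is None or submitted not in ALLOWED_STATUSES:
        return current
    if not actor_is_admin:
        return current
    return submitted


def edit_author(author: Author, form: dict, actor_is_admin: bool) -> Author:
    """Apply a submitted form (constructed layout) to an author record."""
    return Author(
        author_id=author.author_id,
        name=form.get("name", author.name),
        status=resolve_status(author.status, form.get("statut"), actor_is_admin),
    )


def admins(authors: list) -> set:
    """Ids of all accounts currently holding the administrator role."""
    return {a.author_id for a in authors if a.status == "administrator"}


def newly_elevated(before: list, after: list) -> set:
    """The check recommended above: accounts that became administrator."""
    return admins(after) - admins(before)


if __name__ == "__main__":
    before = [Author(1, "alice", "administrator"), Author(2, "bob", "editor")]
    # A non-admin saving a profile form that happens to carry a statut field.
    after = [before[0], edit_author(before[1], {"statut": "administrator"}, False)]
    print("newly elevated:", newly_elevated(before, after))  # prints: set()
```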

Added: Mar 22, 2026, 3:25 AM
Updated: Mar 22, 2026, 3:25 AM

Vulnerability Rating (Custom Algorithm)

spread: 3.4
impact: 5.0
exploitability: 6.4
remediation: 7.7
relevance: 4.5
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.