Primary

Context

SPIP Open Redirect Vulnerability in Ecrire Component

Vulnerability

Patched

A open redirect vulnerability has been identified in the Ecrire component of SPIP, affecting versions prior to 4.4.15. This vulnerability allows for unauthorized redirection of users to external sites.

Impact

Exploitation of this vulnerability allows for open redirection, which can be used in phishing attacks by tricking users into visiting malicious sites.

Remediation

Users can update to SPIP version 4.4.15 to address this vulnerability. Instructions for updating are available on the SPIP website.

Added: May 26, 2026, 8:27 PM

Updated: May 26, 2026, 8:27 PM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

0.2

exploitability

7.5

remediation

7.7

relevance

9.3

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

0.2

exploitability

7.5

remediation

7.7

relevance

9.3

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SPIP Open Redirect Vulnerability in Ecrire Component

Vulnerability

Impact

Remediation

Affected Products

SPIP

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating