Skip to main content

SPIP EUVD-2026-31601

| CVE-2026-48832 LOW
URL Redirection to Untrusted Site (Open Redirect) (CWE-601)
2026-05-24 mitre GHSA-r5pm-523h-5x7q
PHP Open Redirect Spip
3.5
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
3.5 LOW
AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

2
Analysis Generated
Jun 08, 2026 - 13:07 vuln.today
Patch available
May 26, 2026 - 14:16 EUVD

DescriptionCVE.org

action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability.

AnalysisAI

Open redirect in SPIP's ecrire subsystem allows authenticated remote attackers with low privileges to redirect victims to arbitrary external URLs via the action/cookie.php endpoint, affecting all SPIP versions prior to 4.4.15. The CVSS score of 3.5 (Low) is consistent with EPSS at 0.03% (7th percentile) and SSVC's determination of no exploitation and partial technical impact, making this a low-urgency but patchable flaw. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to SPIP with low-privilege account
Delivery
Craft redirect URL targeting action/cookie.php with malicious destination
Exploit
Trigger redirect under high-complexity conditions
Execution
SPIP issues HTTP redirect to attacker-controlled site
Persist
Victim user's browser follows redirect
Impact
User lands on phishing or malware delivery page
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to hold at minimum a low-privileged authenticated SPIP account (PR:L per CVSS vector) - unauthenticated exploitation is not supported by the available data. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 3.5 Low score accurately reflects the constrained real-world impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An authenticated attacker holding a low-privilege SPIP account constructs a URL targeting action/cookie.php with a manipulated redirect parameter pointing to an attacker-controlled phishing page. Under the required high-complexity conditions - potentially specific session state or request sequencing - SPIP processes the request and issues an HTTP redirect to the external malicious URL, which a victim user following the link would land on without browser warning. …
Remediation The primary fix is upgrading to SPIP 4.4.15 or later, which resolves the open redirect in action/cookie.php. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-55692 HIGH POC
7.5 Jun 19

Stored cross-site scripting in the StarCitizenWiki EmbedVideo MediaWiki extension (versions <= 4.0.0) allows any user wi
CVE-2026-9815 MEDIUM POC
6.5 Jun 18

Unrestricted PHP file upload in the MagicForm WordPress plugin (through version 0.1.3) enables unauthenticated remote co
CVE-2026-48908 CRITICAL
10.0 Jun 20

Remote unauthenticated arbitrary file upload in JoomShaper SP Page Builder extension for Joomla (versions 1.0.0 through

CVE-2026-48939 CRITICAL
10.0 Jun 20

Arbitrary PHP file upload in the iCagenda extension for Joomla enables remote unauthenticated attackers to abuse the eve
CVE-2025-69108 CRITICAL
9.8 Jun 16

Unauthenticated PHP Object Injection in the ThemeREX Hot Coffee WordPress theme (versions ≤ 1.7) allows remote attackers

Share

EUVD-2026-31601 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy