CVE-2020-28984: prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does ...

Severity: Critical

CVSS Score: 9.8

prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, display_navigation, display_outils, imessage, and spip_ecran parameters.