High severity8.8NVD Advisory· Published Dec 16, 2025· Updated Apr 29, 2026
CVE-2023-53900
CVE-2023-53900
Description
Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking a crafted SVG logo that redirects to a potentially dangerous URL through improper file upload filtering.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- www.exploit-db.com/exploits/51557nvdExploit
- www.vulncheck.com/advisories/spip-admin-account-spoofing-via-malicious-svg-uploadnvdThird Party Advisory
- www.spip.net/en_rubrique25.htmlnvdProduct
News mentions
0No linked articles in our index yet.