Multiple Vulnerabilities Identified in SPIP Content Management System

On 18 February 2026, multiple vulnerabilities were identified in SPIP, a content management system. The flaws include server-side request forgery (SSRF), remote cross-site scripting (XSS), and an unspecified security issue as reported by the vendor. These vulnerabilities could allow attackers to manipulate server requests, inject malicious code, or exploit the undisclosed flaw. No specific affected versions or mitigation steps were detailed in the notice. Source: https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0179/