Product
Multiple vulnerabilities, including SQL injection and indirect remote code injection (XSS), were discovered in SPIP Content Management System versions prior to 4.4.16, allowing an attacker to compromise data confidentiality and execute malicious code in user browsers.