CVE-2023-53900
BaseFortify

Publication date: 2025-12-16

Last updated on: 2026-04-29

Assigner: VulnCheck

Description
Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking a crafted SVG logo that redirects to a potentially dangerous URL through improper file upload filtering.
Meta Information
Published: 2025-12-16
Last Modified: 2026-04-29
Generated: 2026-06-16
AI Q&A: 2025-12-16
EPSS Evaluated: 2026-06-14
NVD
Affected Vendors & Products
Showing 1 associated CPE
Vendor: spip | Product: spip | Version / Range: 4.1.10
CWE
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Quick Actions
Executive Summary

This vulnerability in Spip 4.1.10 allows attackers to upload malicious SVG files that contain embedded external links. Due to improper filtering and sanitization of these SVG uploads, an attacker can craft a deceptive SVG logo that tricks administrators into clicking it. When clicked, the SVG redirects the administrator to a potentially dangerous external URL. The root cause is flawed web application logic combined with inadequate input validation and unsafe handling of SVG content. [2, 3]

Impact Analysis

The vulnerability can impact you by enabling attackers to perform social engineering attacks against administrators. By uploading a malicious SVG logo, attackers can trick administrators into clicking on it, which redirects them to harmful external websites. This can lead to further attacks such as spoofing or exposure to malicious content. Although it does not directly escalate privileges or compromise confidentiality, integrity, or availability, it poses a significant risk through deception and redirection. [2, 3]

Detection Guidance

Detection can involve scanning for uploaded SVG files on the server, especially those containing embedded external links. Since the vulnerability involves malicious SVG uploads with embedded hyperlinks, you can search for SVG files with suspicious content. For example, on a Linux server hosting SPIP, you might use commands like:
1) Find SVG files: `find /path/to/spip/uploads -name '*.svg'`
2) Search for external links inside SVG files: `grep -r 'xlink:href' /path/to/spip/uploads/*.svg` or `grep -r 'http' /path/to/spip/uploads/*.svg` to identify SVG files containing external URLs.
Two caveats when reading the grep output: the `'http'` pattern also matches the `xmlns` namespace declarations present in virtually every SVG, so expect false positives, and SVG 2 allows a plain `href` attribute without the `xlink:` prefix, so a search for `xlink:href` alone can miss links. Monitoring web server logs for unusual admin clicks or redirects may also help detect exploitation attempts. However, no specific detection commands are provided in the resources. [2, 3]

Mitigation Strategies

Immediate mitigation steps include:
1) Restrict or disable SVG file uploads until a patch or fix is applied.
2) Implement strict server-side validation and sanitization of uploaded SVG files to remove or block embedded external links.
3) Educate administrators to be cautious when clicking on uploaded SVG logos or images, especially those that might redirect externally.
4) Apply any available patches or updates from SPIP that address this vulnerability.
Since the vulnerability arises from improper filtering of SVG uploads, improving input validation and sanitization is critical. Additionally, monitoring and restricting user privileges related to file uploads can reduce risk. [2, 3]
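As an added example (not part of the BaseFortify record or SPIP's own code), the following Python script covers both the detection guidance above and mitigation step 2: it parses each uploaded SVG, reports every `href` or `xlink:href` that leaves the document (fragment references such as `#shape` are ignored), and can strip those attributes so the drawing is kept but the link becomes inert. The upload path, the CONSTRUCTED_LOGO sample and the example.invalid hostname are assumptions; none comes from the advisory.

```python
import os
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit
ET.register_namespace("", "http://www.w3.org/2000/svg")         # keep prefixes
ET.register_namespace("xlink", "http://www.w3.org/1999/xlink")  # on re-serialise
XLINK_HREF = "{http://www.w3.org/1999/xlink}href"
LINK_ATTRS = ("href", XLINK_HREF)  # SVG 2 plain href plus legacy xlink:href

# Constructed sample, not a real upload: a logo whose <a> leaves the site.
CONSTRUCTED_LOGO = b"""<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
  <a xlink:href="https://example.invalid/phish"><rect width="10" height="10"/></a>
  <use href="#shape"/>
</svg>"""

def is_external_ref(value):
    """True if an href leaves the document: protocol-relative, or any scheme other than data:."""
    v = value.strip()
    return v.startswith("//") or urlsplit(v).scheme.lower() not in ("", "data")

def find_external_links(svg_bytes):
    """(element, attribute, value) for every href that leaves the file; "#frag" refs are not reported."""
    hits = []
    for el in ET.fromstring(svg_bytes).iter():
        for attr in LINK_ATTRS:
            val = el.get(attr)
            if val is not None and is_external_ref(val):
                hits.append((el.tag.split("}")[-1], attr.split("}")[-1], val))
    return hits

def strip_external_links(svg_bytes):
    """Mitigation variant: drop the offending attributes so an <a> wrapper becomes inert."""
    root = ET.fromstring(svg_bytes)
    for el in root.iter():
        for attr in LINK_ATTRS:
            if el.get(attr) is not None and is_external_ref(el.get(attr)):
                del el.attrib[attr]
    return ET.tostring(root)

def scan_dir(path):
    """Walk an upload directory (assumed path) and map each flagged .svg to its findings."""
    findings = {}
    for dirpath, _, names in os.walk(path):
        for full in (os.path.join(dirpath, n) for n in names if n.lower().endswith(".svg")):
            with open(full, "rb") as fh:
                try:
                    hits = find_external_links(fh.read())
                except ET.ParseError:  # malformed file: flag it rather than skip it
                    hits = [("?", "?", "not well-formed XML; inspect manually")]
            if hits:
                findings[full] = hits
    return findings
```

Run `scan_dir("/path/to/spip/uploads")` on the server to list flagged files; `strip_external_links` is what an upload handler would apply before storing the file.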
