CVE-2019-16392 (spip)

SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login.php XSS via error messages.
Source: NIST
CVE-2019-16392 (spip)