Debian LTS: DLA-3761-1: spip security update Hatim Chabik discovered a cross-site scripting (XSS) vulnerability in spip, a content management system, which can lead to privilege escalation or information disclosure.