A vulnerability was discovered in the SPIP publishing system, which could result in unauthorised writes to the database by authors. The oldstable distribution is not affected.