CVE-2023-27372: SPIP before 4.2.1 allows Remote Code Execution via form values in the ...

Severity: Critical

CVSS Score: 9.8

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.