Spip · Spip · CVE-2019-11071
**Name of the Vulnerable Software and Affected Versions**
SPIP versions 3.1 through 3.1.9
SPIP versions 3.2 through 3.2.3
**Description**
The issue is related to insufficient input validation in the content management system, allowing an attacker to execute arbitrary code. This can be exploited by authenticated visitors, potentially leading to the execution of arbitrary code on the host server due to the mishandling of `var memotri`.
**Recommendations**
For SPIP versions 3.1 through 3.1.9, update to version 3.1.10 or later.
For SPIP versions 3.2 through 3.2.3, update to version 3.2.4 or later.