Openstudio

**Name of the Vulnerable Software and Affected Versions** SPIP Saisies plugin versions 5.4.0 through 5.11.0 **Description** The 'Saisies pour formulaire' (Saisies) plugin for SPIP contains a critical Remote Code Execution (RCE) issue. An attacker can exploit this issue to execute arbitrary code on the server. The vulnerability is due to a template injection pattern, potentially involving an `eval()` chain, with different entry points identified in multiple plugins. **Recommendations** Update to version 5.11.1 or later.