CVE-2019-11071

Name of the Vulnerable Software and Affected Versions SPIP versions 3.1 through 3.1.9 SPIP versions 3.2 through 3.2.3

Description The issue is related to insufficient input validation in the content management system, allowing an attacker to execute arbitrary code. This can be exploited by authenticated visitors, potentially leading to the execution of arbitrary code on the host server due to the mishandling of var memotri.

Recommendations For SPIP versions 3.1 through 3.1.9, update to version 3.1.10 or later. For SPIP versions 3.2 through 3.2.3, update to version 3.2.4 or later.