VYPR
Unrated severityNVD Advisory· Published Feb 28, 2023· Updated Mar 11, 2025

CVE-2023-27372

CVE-2023-27372

Description

SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Spip/Spipcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <4.2.1

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.