## https://sploitus.com/exploit?id=SAINT:1C0C8831B4EEEFE0047732F52A14E102
Added: 06/23/2023
### Background
SPIP is a web-based publishing system written in PHP.
### Problem
Mishandling of serialized data in SPIP's password reset form allows remote attackers to execute arbitrary commands.
### Resolution
Upgrade to SPIP 3.2.18, 4.0.10, 4.1.8, 4.2.1 or higher.
### References
https://github.com/nuts7/CVE-2023-27372
### Platforms
Linux