## https://sploitus.com/exploit?id=SAINT:62A93973BBA301F9EDE7C739AC37B72C
Added: 06/23/2023
### Background
[SPIP](<https://www.spip.net>) is a web-based publishing system written in PHP.
### Problem
Mishandling of serialized data in SPIP's password reset form allows remote attackers to execute arbitrary commands.
### Resolution
[Upgrade](<https://www.spip.net/en_download>) to SPIP 3.2.18, 4.0.10, 4.1.8, 4.2.1 or higher.
### References
<https://github.com/nuts7/CVE-2023-27372>
### Platforms
Linux