CVE-2021-44123
Published: 26 January 2022
SPIP 4.0.0 is affected by a remote command execution vulnerability. To exploit the vulnerability, an attacker must craft a malicious picture with a double extension, upload it and then click on it to execute it.
Priority
CVSS 3 base score: 8.8