I wanted to share with the dotCMS community that there has been a critical security issue / RCE discovered in dotCMS versions 4.0 to 22.02. The issue has been fixed in our latest LTS versions, v22.03, v5.3.8.10 and v21.06.7 and hotfixes are available on our github repo for other affected versions. A CVE has been filed, though it has not been made public yet.
The issue has already been communicated and remediated for dotCMS Cloud and Enterprise supported customers.
Thank you,
Will Ezell
--