Critical RCE in dotCMS

24 views
Skip to first unread message

Will Ezell

unread,
Apr 26, 2022, 12:12:52 PMApr 26
to dot...@googlegroups.com
I wanted to share with the dotCMS community that there has been a critical security issue / RCE discovered in dotCMS versions 4.0 to 22.02.  The issue has been fixed in our latest LTS versions,  v22.03, v5.3.8.10 and v21.06.7 and hotfixes are available on our github repo for other affected versions.   A CVE has been filed, though it has not been made public yet.

The issue has already been communicated and remediated for dotCMS Cloud and Enterprise supported customers.

For more information about this issue and steps on how to remediate it, please details on our site at:  https://www.dotcms.com/security/SI-62
 
Thank you,


Will Ezell

--



382 NE 191st St #92150
Miami, Florida 33179-3899
Main: 
305-900-2001 | Direct: 978.294.9429

Reply all
Reply to author
Forward
0 new messages