Haoami

**Name of the Vulnerable Software and Affected Versions** PublicCMS version 4.0.202302.e **Description** The issue allows a remote attacker to execute arbitrary code via a crafted script to the `writeReplace` function. This is due to the deserialization of untrusted data. **Recommendations** For PublicCMS version 4.0.202302.e, as a temporary workaround, consider disabling the `writeReplace` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.