Unknown · Balerocms-Src · CVE-2021-35290
**Name of the Vulnerable Software and Affected Versions**
balerocms-src version 0.8.3
**Description**
A file upload vulnerability in the rich text editor on the "/admin/main/mod-blog" page allows remote attackers to run arbitrary code.
**Recommendations**
For balerocms-src version 0.8.3, consider disabling the rich text editor feature on the /admin/main/mod-blog page until a patch is available. Restrict access to this page to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.