Jianmou

Name of the Vulnerable Software and Affected Versions: Frog CMS version 0.9.5 Description: The issue concerns a security problem where an attacker can inject malicious code. The estimated number of potentially affected devices is not provided. The problem can be exploited through the "/install/index.php" API endpoint, specifically via the `config` array and the `admin username` field. Recommendations: For Frog CMS version 0.9.5, as a temporary workaround, consider restricting access to the "/install/index.php" endpoint until a patch is available. Avoid using the `admin username` field in the `config` array within this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.