Yanbochen97

**Name of the Vulnerable Software and Affected Versions** Cuppa CMS version 1.0 **Description** The issue is related to a remote code execution (RCE) vulnerability. It is triggered via a crafted payload and can be exploited through the `email outgoing` parameter at the "/Configuration.php" API endpoint. **Recommendations** For Cuppa CMS version 1.0, as a temporary workaround, consider restricting access to the "/Configuration.php" endpoint to minimize the risk of exploitation. Avoid using the `email outgoing` parameter in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.