PT-2020-3997 · Acymailing · Acymailing

Published: 2020-03-24 · Updated: 2023-02-03 · CVE-2020-10934

CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: AcyMailing versions prior to 6.9.2
Description: The issue is related to the lack of restrictions on file uploads in the AcyMailing mail manager. This can be exploited by a remote attacker to execute arbitrary code. The problem arises from the mishandling of file uploads by administrators.
Recommendations: For versions prior to 6.9.2, update to version 6.9.2 or later to resolve the issue. As a temporary workaround, consider restricting file upload capabilities for administrators until the update is applied.

Fix

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

BDU:2020-04391
CVE-2020-10934

Affected Products

Acymailing