PT-2021-10248 · Bludit · Bludit

Liao10086 · Published 2021-08-20 · Updated 2021-08-24 · CVE-2020-18879

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Bludit version 3.8.1
Description: The issue allows remote attackers to execute arbitrary code by uploading malicious files via the component 'bl-kereln/ajax/upload-logo.php'. This is an instance of an unrestricted file upload (the upload endpoint does not adequately validate the type or content of the submitted file), which can be exploited to gain unauthorized access and control of the affected host.
Recommendations: For Bludit version 3.8.1, consider disabling the 'bl-kereln/ajax/upload-logo.php' component until a patch is available, to prevent the upload of malicious files. Restrict access to this component (for example, to authenticated administrators only) to minimize the risk of exploitation, and avoid using it for file uploads until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Unrestricted File Upload


Weakness Enumeration

Related Identifiers

CVE-2020-18879

Affected Products

Bludit