CVE-2021-37270

Name of the Vulnerable Software and Affected Versions CMS Enterprise Website Construction System version 5.0

Description The issue allows attackers to gain unauthorized access to the background administrator authority without logging in. This is achieved by directly accessing a specified background path.

Recommendations For CMS Enterprise Website Construction System version 5.0, consider restricting access to the background path until a patch is available. As a temporary workaround, limit the access to the background administrator authority to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.