CVE-2021-43464

Name of the Vulnerable Software and Affected Versions Subrion CMS version 4.2.1

Description A Remote Code Execution (RCE) issue exists in Subrion CMS via modified code in a background field. When the information is modified, the data in it will be executed through eval(). This allows for potential code execution, posing a significant risk.

Recommendations For Subrion CMS version 4.2.1, consider disabling the background field functionality until a patch is available to prevent potential code execution through eval(). Additionally, restrict access to the background field to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.