CVE-2020-20735

Name of the Vulnerable Software and Affected Versions LJCMS version 4.3.R60321

Description The issue allows a remote attacker to execute arbitrary code. This is achieved via the "ljcms/index.php" parameter.

Recommendations For version 4.3.R60321, consider restricting access to the "ljcms/index.php" parameter until a patch is available. As a temporary workaround, avoid using the parameter in the affected API endpoint. At the moment, there is no information about a newer version that contains a fix for this vulnerability.