This restriction prevents attackers from deserializing user-controlled data and executing arbitrary PHP code on the system. Melis CMS is not enabled by default on new installations of Melis, but can be enabled by the administrator on existing installations. New installations are not vulnerable to this issue. Users should upgrade to `melisplatform/melis-cms` 5.0.1 or later as soon as possible.
Installation Restriction
Installation Restriction: CVE-2022-39297
This restriction prevents attackers from deserializing user-controlled data and executing arbitrary PHP code on the system. Melis CMS is not enabled by default on new installations of Melis, but can be enabled by the administrator on existing installations. New installations are not vulnerable to this issue. Users should upgrade to `melisplatform/melis-cms` 5.0.1 or later as soon as possible.
Installation of Melis CMS
Melis CMS is not enabled by default on new installations of Melis, but can be enabled by the administrator on existing installations. New installations are not vulnerable to this issue. Users should upgrade to `melisplatform/melis-cms` 5.0.1 or later as soon as possible.
Timeline
Published on: 10/12/2022 23:15:00 UTC
Last modified on: 10/13/2022 17:35:00 UTC