Warning: Critical RCE vulnerability in Craft CMS
A vulnerability in Craft CMS can be remotely exploited by an attacker to upload and execute code. The complexity to exploit this vulnerability is low. The impact on the confidentiality and integrity of your or your customers data is high. Typically the Craft CMS is exposed to the public on the Internet.
The Craft CMS that allows an attacker to upload code and execute the code under control of the attacker.
The Centre for Cyber Security Belgium strongly recommends to upgrade to the Craft CMS 4.4.15 as soon as possible.