Vulnerability Note VU#898083
dotCMS template permissions allow arbitrary code execution
Overview
The dotCMS content management system version 1.9 and possibly earlier versions, contains a vulnerability that allows users with the appropriate permissions to create a malicious t…