Last week, Lucee released new stable versions to address multiple security vulnerabilities affecting all previous software versions. The Lucee team advises updating to the latest stable release, version 5.4.3.2, immediately. 

If you’re running an older version of Lucee, the following versions have backported stable releases:

    • 5.3.9.173
    • 5.3.8.237
    • 5.3.7.59

The Lucee team advises hotfixing your software immediately until you can upgrade to version 5.4.3.2.

Read the original announcement from Lucee for additional patching information and advice. 

As always, don’t hesitate to reach out if you have any questions about this vulnerability and your specific services here at Vivio.