Below is a security message from our friends over at Lucee.

We are aware of a potential security vulnerability related to the Lucee Admin. Details of how to exploit this vulnerability will be made public on December 5th, 2020 by a third party, so we are alerting Lucee users to address this potential issue now.

If your Lucee Admin is already locked down, this is not an issue. To lock down your admin, follow the recommendations in the Lucee Lockdown Guide.

Let us know if you would like help securing or checking your install.