A vulnerability was found in dotCMS. It has been declared as problematic. This vulnerability affects the function
UserSessionAjax.getSessionList.dwr
of the component Direct Web Remoting API. The manipulation leads to incorrect authorization.
This vulnerability was named CVE-2024-4447. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.