The company behind CMS products used by companies such as L’Oreal, Microsoft, Toyota, and more has disclosed a critical vulnerability that hackers are already attempting to exploit.