Описание
Deserialization of Untrusted Data in thinkphp
thinkphp 6.0.06.0.13 and 6.1.06.1.1 contains a deserialization vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload.
Пакеты
Наименование
topthink/think
composer
Затронутые версииВерсия исправления
<= 6.1.1
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
почти 3 года назад
thinkphp 6.0.0~6.0.13 and 6.1.0~6.1.1 contains a deserialization vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload.