Описание
ThinkPHP deserialization vulnerability
ThinkPHP v6.0.13 was discovered to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\Psr6Cache. This vulnerability allows attackers to execute arbitrary code via a crafted payload.
Пакеты
Наименование
topthink/framework
composer
Затронутые версииВерсия исправления
<= 6.0.13
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
больше 3 лет назад
ThinkPHP v6.0.13 was discovered to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\Psr6Cache. This vulnerability allows attackers to execute arbitrary code via a crafted payload.