CVE-2022-45982

Laravel Tech Community

Feb 15, 2023 · Information Security

ThinkPHP Deserialization Vulnerability (CVE-2022-45982)

The ThinkPHP framework suffers from a deserialization vulnerability (CVE‑2022‑45982) affecting versions 6.0.0‑6.0.13 and 6.1.0‑6.1.1, where unsanitized user input passed to unserialize() can allow attackers to execute arbitrary system commands, and no official patch has been released yet.