7.4 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
8.7%
ThinkPHP 8.0.3 allows remote attackers to discover the PHPSESSION cookie because think_exception.tpl (aka the debug error output source code) provides this in an error message for a crafted URI in a GET request.
github.com/top-think/framework/issues/2996