PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM before 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included classes.
CPE | Name | Operator | Version |
---|---|---|---|
open_source_security_information_and_event_management | le | 5.3.1 | |
unified_security_management | le | 5.3.1 |