PT-2022-26152 · Yii · Yiisoft/Yii

Name of the Vulnerable Software and Affected Versions: yiisoft/yii versions prior to 1.1.27 Description: The issue allows for Remote Code Execution RCE if the application calls unserialize on arbitrary user input. Recommendations: For versions prior to 1.1.27, upgrade yiisoft/yii to version 1.1.2...