| शीर्षक | Trilby Media Grav CMS >= 1.7.44, <= 1.7.49.5 Deserialization |
|---|
| विवरण | ## Description
`FileCache::doGet()` deserializes cached values with `unserialize(..., ['allowed_classes' => true])`. If cache files are attacker-controlled, this allows object instantiation and enables object-injection primitives.
## Impact
Potential object injection and possible code execution through gadget chains, when cache storage tampering is possible.
## Mitigation
- Avoid object deserialization for cache data; use strict JSON/primitive formats.
- Enforce integrity controls and strict permissions on cache directories.
- If deserialization is required, use a strict class allowlist. |
|---|
| स्रोत | ⚠️ https://github.com/devsamuelsantiago/grav-cms-filecache-object-injection |
|---|
| उपयोगकर्ता | s4nnty (UID 95917) |
|---|
| सबमिशन | 07/04/2026 05:09 PM (2 महीनों पहले) |
|---|
| संयम | 28/04/2026 03:13 PM (21 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 359965 [Grav CMS तक 1.7.49.5/2.0.0-beta.1 Cache Value FileCache.php FileCache::doGet अधिकार वृद्धि] |
|---|
| अंक | 20 |
|---|