An unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate arbitrary PHP classes. The impact depends on environment setup but appears limited at this time.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation1 reference(s) from NVD