


Perceptive Security
SOC/SIEM Consultancy

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize() on data from the filesystem in the Fi…
Published:
30 April 2026 at 22:00:00
Alert date:
1 May 2026 at 20:05:47
Source:
nvd.nist.gov
Web Technologies
A critical unsafe deserialization vulnerability affects MixPHP Framework versions 2.x through 2.2.17. The session and cache handlers call unserialize() on data retrieved from the filesystem through the FileHandler object. This type of vulnerability can potentially allow attackers to execute arbitrary code by manipulating serialized data. Because the issue affects multiple versions of the PHP framework, it is a significant security concern for applications built on MixPHP. Organizations using affected versions should prioritize updating to a patched version.
Affected products:
MixPHP Framework
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-42473
https://gist.github.com/sgInnora/fa46386840fe978a30d7e53c458f2975
https://github.com/mix-php/mix
https://github.com/mix-php/mix/blob/v2.2.17/src/sync-invoke/src/Server.php
This article was created with the assistance of AI technology by Perceptive.
