CVE-2025-63889

Publication date

2025-11-20 00:00:00

Family

mitre

State

PUBLISHED

Description

The fetch function in file thinkphplibrarythinkTemplate.php in ThinkPHP 5.0.24 allows attackers to read arbitrary files via crafted file path in a template value.