6.2 Medium
AI Score
Confidence
Low
0.018 Low
EPSS
Percentile
88.1%
PHP does not validate the configuration directive soap.wsdl_cache_dir before writing SOAP wsdl cache files to the filesystem. Impact An attacker is able to write remote wsdl files to arbitrary locations on an affected system.