Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.025
EPSS Ranking 82.8%