Fedora Account System
Red Hat Associate
Red Hat Customer
An unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate arbitrary PHP classes. The impact depends on environment setup but appears limited at this time.