CVE-2026-52778
YesWiki · YesWiki
YesWiki is vulnerable to an unsafe execution flaw in the Bazar form field calculator, allowing potential arbitrary PHP code execution and ReDoS attacks via malicious mathematical formulas.
Executive summary
A critical vulnerability in the YesWiki Bazar form field calculator allows unauthenticated attackers to achieve remote code execution or cause a denial-of-service condition.
Vulnerability
The vulnerability resides in the CalcField.php component of the Bazar extension, where user-defined mathematical formulas are passed to PHP's eval() after inadequate sanitization. Because the filtering does not restrict the formula to a numeric grammar, an unauthenticated attacker can supply a "formula" that is really PHP code and have the server execute it, or can submit pathological input that causes catastrophic regex backtracking (ReDoS) or a stack overflow and crashes the PHP worker.
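The following PHP is an added illustration for this advisory and is not YesWiki's code: calcUnsafe() is a hypothetical model of the bug class described above (substitute field values into an attacker-authored string, run a blocklist regex, then eval() it), not a reproduction of the actual CalcField.php logic, and SafeCalc is a hardened replacement that never calls eval(): an allowlist tokenizer for numbers, {field} references and + - * / ( ), a recursive-descent evaluator, a length cap and a nesting-depth cap so that hostile input can neither execute code nor drive the evaluator into deep recursion. Field names and sample values are constructed for the demonstration.

```php
<?php
// Added example, not YesWiki code. calcUnsafe() models the vulnerable pattern;
// SafeCalc is a hardened evaluator that never touches eval().

// Hypothetical vulnerable pattern: blocklist check, then eval() of user input.
// The regex forbids ; ` and $ but leaves quotes, dots and parentheses, so any
// PHP function call still executes. This is the shape of bug, not YesWiki's code.
function calcUnsafe(string $formula, array $fields): float
{
    foreach ($fields as $name => $value) {
        $formula = str_replace('{' . $name . '}', (string) $value, $formula);
    }
    if (preg_match('/[;`$]/', $formula)) {               // blocklist, not an allowlist
        throw new InvalidArgumentException('forbidden character');
    }
    return (float) eval('return ' . $formula . ';');     // attacker-controlled code runs here
}

// Hardened replacement: parse a small arithmetic grammar instead of evaluating PHP.
final class SafeCalc
{
    private const MAX_LEN = 512;    // bounds tokenizer work and unary-minus recursion
    private const MAX_DEPTH = 32;   // bounds parenthesis nesting (stack use)
    private array $tokens = [];
    private int $pos = 0;
    private int $depth = 0;

    public static function evaluate(string $formula, array $fields): float
    {
        if (strlen($formula) > self::MAX_LEN) {
            throw new InvalidArgumentException('formula too long');
        }
        $c = new self();
        $c->tokens = self::tokenize($formula, $fields);
        $v = $c->expr();
        if ($c->pos !== count($c->tokens)) {
            throw new InvalidArgumentException('unexpected trailing input');
        }
        return $v;
    }

    // Allowlist tokenizer. Field references resolve to numeric values only, so a
    // field's content is never spliced into the formula text. Both regexes are
    // anchored with \G and have no nested quantifiers, so they cannot backtrack badly.
    private static function tokenize(string $s, array $fields): array
    {
        $out = [];
        for ($i = 0, $n = strlen($s); $i < $n;) {
            $ch = $s[$i];
            if (strpos(" \t\r\n", $ch) !== false) { $i++; continue; }
            if (strpos('+-*/()', $ch) !== false) { $out[] = $ch; $i++; continue; }
            if (preg_match('/\G\d+(?:\.\d+)?/', $s, $m, 0, $i)) {
                $out[] = (float) $m[0]; $i += strlen($m[0]); continue;
            }
            if (preg_match('/\G\{([A-Za-z0-9_]+)\}/', $s, $m, 0, $i)) {
                if (!array_key_exists($m[1], $fields) || !is_numeric($fields[$m[1]])) {
                    throw new InvalidArgumentException("unknown or non-numeric field {$m[1]}");
                }
                $out[] = (float) $fields[$m[1]]; $i += strlen($m[0]); continue;
            }
            throw new InvalidArgumentException("unexpected character '$ch' at offset $i");
        }
        return $out;
    }

    // expr := term (('+'|'-') term)*
    private function expr(): float
    {
        $v = $this->term();
        while (in_array($this->peek(), ['+', '-'], true)) {
            $op = $this->tokens[$this->pos++];
            $r = $this->term();
            $v = $op === '+' ? $v + $r : $v - $r;
        }
        return $v;
    }

    // term := unary (('*'|'/') unary)*
    private function term(): float
    {
        $v = $this->unary();
        while (in_array($this->peek(), ['*', '/'], true)) {
            $op = $this->tokens[$this->pos++];
            $r = $this->unary();
            if ($op === '/' && $r == 0.0) { throw new DivisionByZeroError('division by zero'); }
            $v = $op === '*' ? $v * $r : $v / $r;
        }
        return $v;
    }

    // unary := '-' unary | primary
    private function unary(): float
    {
        if ($this->peek() === '-') { $this->pos++; return -$this->unary(); }
        return $this->primary();
    }

    // primary := number | '(' expr ')'   (depth-limited)
    private function primary(): float
    {
        $t = $this->peek();
        if (is_float($t)) { $this->pos++; return $t; }
        if ($t === '(') {
            if (++$this->depth > self::MAX_DEPTH) { throw new InvalidArgumentException('nesting too deep'); }
            $this->pos++;
            $v = $this->expr();
            if ($this->peek() !== ')') { throw new InvalidArgumentException('missing )'); }
            $this->pos++; $this->depth--;
            return $v;
        }
        throw new InvalidArgumentException('expected number, {field} or (');
    }

    private function peek() { return $this->tokens[$this->pos] ?? null; }
}

// Constructed demonstration data.
$fields = ['price' => '12.5', 'qty' => 4];
echo calcUnsafe('strlen("abc") + {qty}', $fields), "\n";        // a PHP function call executes
echo SafeCalc::evaluate('({price} * {qty}) - 10 / 2', $fields), "\n";
try {
    SafeCalc::evaluate('strlen("abc") + {qty}', $fields);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";                  // tokenizer stops at the first letter
}
```

The point of the contrast is that the unsafe version accepts a function call as a "formula" because its check only blocklists a few characters, whereas the hardened version rejects anything outside its grammar at the tokenizer, before any evaluation happens. The length and depth caps are what address the denial-of-service half of the advisory: a bounded input cannot force unbounded regex or recursion work.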
Business impact
With a CVSS score of 9.8, this vulnerability represents a critical threat to organizational integrity. Successful exploitation could lead to full system compromise, unauthorized access to sensitive wiki data, and complete operational downtime through server crashes.
Remediation
Immediate Action: Upgrade all YesWiki instances to version 4.6.6 or later, which is the version that fixes this issue.
Proactive Monitoring: CalcField.php is a server-side class, not a URL an attacker requests directly, so look instead for POST requests that create or modify Bazar forms and carry calc-field formulas containing characters outside plain arithmetic (quotes, letters, semicolons, dots, deeply nested parentheses). Also watch server CPU and memory for sustained spikes or PHP worker crashes consistent with ReDoS or stack exhaustion.
Compensating Controls: Until patched, a Web Application Firewall (WAF) rule can inspect form submissions and block formula fields that contain anything beyond digits, field placeholders, arithmetic operators and parentheses, or that nest parentheses excessively. Treat this as a stopgap only: a blocklist of "suspicious syntax" is bypassable, and a WAF cannot remove the underlying eval().
Exploitation status
Public Exploit Available: false
Analyst recommendation
Given the critical CVSS rating and the high impact of arbitrary code execution, administrators must prioritize patching this vulnerability. Apply the update to version 4.6.6 without delay to neutralize the risk of remote compromise.