Loading
Tiki before 24.1, when feature_create_webhelp is enabled, allows lib/structures/structlib.php PHP Object Injection because of an eval.
Use CWE-94, Tiki vendor hub and Tiki product page to widen CVE-2023-22853 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2020-15906, CVE-2023-22850 and CVE-2023-22851 for nearby disclosures in the same product family.