Security News > 2025 > February > CISA flags Craft CMS code injection flaw as exploited in attacks

2025-02-21 15:57
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. [...]
News URL
Related news
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
- CISA tags NAKIVO backup flaw as actively exploited in attacks (source)
- CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks (source)
- CISA tags SonicWall VPN flaw as actively exploited in attacks (source)
- Craft CMS RCE exploit chain used in zero-day attacks to steal data (source)
- CISA tags Broadcom Fabric OS, CommVault flaws as exploited in attacks (source)