THREATOPS
THREAT OPSCVEs › CVE-2024-56145

CVE-2024-56145 — Craft CMS Code Injection Vulnerability

CISA KEVExploited: confirmedCraft CMS

Craft CMS contains a code injection vulnerability. Users with affected versions are vulnerable to remote code execution if their php.ini configuration has `register_argc_argv` enabled.

Vulnerability details