CISA Warns of Craft CMS Code Injection Flaw Being Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning that attacks are exploiting a code injection vulnerability in Craft CMS. Users of Craft CMS are affected, with impacts including remote code execution. It is recommended to update Craft CMS immediately.