CISA Warns of Craft CMS Code Injection Flaw Exploited in Active Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Craft CMS to its Known Exploited Vulnerabilities (KEV) catalog.

Tracked…