Craft CMS RCE (CVE-2025-32432)
Description
Invicti has identified that Craft CMS is vulnerable to remote code execution due to a flaw in the underlying Yii2 framework (CVE-2024-4990)
Remediation
Upgrade to the latest version of Craft CMS
Looking for the vulnerability index of Invicti's legacy products?