CVE-2022-24711

Published February 28th, 2022

View on NVD ↗

CVSS v3

9.4

CRITICAL

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

CodeIgniter4 is the 4.x branch of CodeIgniter, a PHP full-stack web framework. Prior to version 4.1.9, an improper input validation vulnerability allows attackers to execute CLI routes via HTTP request. Version 4.1.9 contains a patch. There are currently no known workarounds for this vulnerability.

codeigniter4/CodeIgniter4

Open Source PHP Framework (originally from EllisLab)

GitHub

5.91K