Cybersecurity researchers have discovered a new vulnerability in PHP which could allow hackers to run malicious code remotely.

The vulnerability is tracked as CVE-2’24-4577, and is described as a CGI argument injection vulnerability. At press time, it did not have a severity score assigned, but we do know that it affects all versions of PHP installed on the Windows operating system, and it was introduced when the team tried to patch a different flaw.



Source link