The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.
9.8CVSS
9.5AI Score
0.008EPSS
Eval injection vulnerability in php-gettext 1.0.12 and earlier allows remote attackers to execute arbitrary PHP code via a crafted plural forms header.
9.8CVSS
9.5AI Score
0.245EPSS