Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025.

Netskope Blog

Read more about how Netskope is enabling security and networking transformation through secure access service edge (SASE).