← Back to CVE List
CVE-2025-24374
Twig is a template language for PHP. When using the ?? operator, output escaping was missing for the expression on the left side of the operator. This vulnerability is fixed in 3.19.0.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt